In the wake of constant demand and supply market changes driven by recent economic crises, procurement and supply chain professionals are facing higher expectations from management to drive down costs. But a myopic focus on cost savings can have an impact on supply and supplier risk, and can result in the unintended consequence of diluting the total value delivered from that supplier relationship. The key, therefore, is to balance supplier risk with reward to obtain the greatest benefit from suppliers while minimizing risks.
While it can be difficult to find this balance, there are some approaches and tools that leading companies are adopting, which include:
- Defining and prioritizing supplier tiers;
- Utilizing risk assessment processes for new product/service requests;
- Incorporating initial and ongoing supplier due diligence;
- Utilizing balanced category scorecards;
- Adopting robust supplier performance reporting and issue resolution;
- Developing and regularly updating category market research profiles;
- Implementing a supplier Six Sigma program.
The following is an in-depth look at these approaches and tools and how they can be effectively applied.
Define and Prioritize Supplier Tiers
Most companies have critical suppliers that have a significant impact on their revenue and profit. However, these suppliers and/or supplier tiers are not always formally defined, nor have tailored programs been developed to address this segment of the supply base. Companies that adopt a “one-size-fits-all” approach to managing suppliers run the risk of conducting less rigorous assessments of the critical suppliers and over-assessments of non-critical suppliers. This can produce a number of “false positives” or “false negatives” that can result in inefficient allocation of scarce procurement resources and that ultimately decrease the value the procurement function delivers to its internal customer. The following is an example of defining and prioritizing supplier tiers:
1. A significant-spend supplier whose products/service are critical to a company’s revenues and require:
- Complex contracts that drive continuous improvement
- Proactive supplier relationship management
- Detailed monthly supplier performance reporting
- Proactive forecasting
2. A moderately high-spend supplier whose products/service are important to a company’s revenue and require:
- Complex contracts
- Proactive supplier relationship management
- Detailed quarterly supplier performance
3. A supplier whose products/service are not critical to a company’s revenue but require:
- Complex or basic standard contracts
- Annual performance reporting
4. A supplier whose products/service are not critical to a company’s revenue and who:
- Falls within a non-procurement-managed category
- May utilize standard purchase order terms and conditions
After creating a tiered approach like the example above, companies can then develop targeted and differentiated programs to adequately identify and manage risks based on the category and supplier.
Risk Assessment Processes for New Product and Service Requests
Many companies have some kind of process to identify risks related to new supplier requests, but they may not review the risk for additional products/services from that same supplier at a later point in time. This can lead to a false sense of security, since although the initial assessment of that supplier was positive, it now may not reflect the higher risk of that same supplier due to potentially new and higher-risk products/services being acquired.
Incorporating a risk assessment activity at the beginning of each product/service request for both new and existing suppliers can help companies identify and manage new risks effectively (see Figure 1 below). The trick is to make the risk assessment process simple enough and streamlined enough so that it does not become onerous or non-value-adding. In addition, there should be steps in the process that include some procurement or strategic sourcing subject matter review. This subject matter review helps ensure that the information provided and risks identified make sense. Also, this helps reduce requestors from “gaming” the process in order to get requests through the process as quickly as possible.
Initial and Ongoing Supplier Due Diligence
Companies usually complete some high-level initial supplier due diligence, but they may not go to the appropriate detail level. In addition, companies don’t always conduct ongoing supplier due diligence — or, again, not at the appropriate detail level.
The degree of supplier due diligence and frequency of assessment should be commensurate with the supplier tier and product criticality. For example, if a company spends a significant amount with a supplier, and that supplier provides critical products/services that directly impact that company’s revenue, then that supplier should be subject to a significantly more robust initial and ongoing due diligence program as compared to a supplier or category with much lower spend and/or little or no impact to a company’s revenue. In certain categories, there may be cases where even spending low amounts still requires a high amount of due diligence due to the overall risk associated with a given supplier. Some examples could include payment processing, hazardous waste and IT offshoring.
It is important to define the right set of indicators to get early intelligence on a supplier’s financial health. A common mistake is to rely exclusively on publicly available company financials. While necessary, that is not sufficient. The following are examples of items to monitor for a critical supplier or category:
- Supplier financials
- Insurance certificate
- Business continuity plan
- Audit report
- Subcontractors to be utilized (if applicable)
- Vendor management policy and program of subcontractors (if applicable)
- Past and current references
- Country risk assessment (if supplier is supporting you outside the US)
- Management turnover
- Product or plant closures
- Requests for payment term adjustments
- Deep discounting, etc.
In addition, when dealing with critical suppliers who have access to highly sensitive data (e.g., information technology, financial service operations, etc.), companies should also consider the following supplier due diligence items:
- Physical security policy
- Asset management policy
- Background screening process
- Access controls
- Information security policy
- Information security breach history
- Incident management program
- Business continuity test results
Balanced Category Scorecards
A balanced category scorecard is an effective tool to get a holistic perspective on total value delivered. A category is a common grouping of suppliers by a particular product/service. By developing a scorecard with appropriate categories, a company can better understand the value its suppliers are delivering.
This can also help in identifying and mitigating risks. Some risks identified may be common within a category, while some may be impacting just one or two suppliers, and this technique allows companies to make a distinction between broader, emerging risk trends and supplier-specific risks. A balanced category scorecard should also highlight the amount of supplier diversification and concentration a company has across various categories, which can also help companies respond quicker to emerging risks and help drive toward greater value. Figure 2 (below) is an example of a balanced category scorecard:
Robust Supplier Performance Reporting and Issue Resolution
For a company’s key strategic suppliers, utilizing a robust supplier performance reporting and issue-resolution process is a critical component to help balance risks and rewards. Companies should consider utilizing a multistep reporting and issue resolution governance approach like the following example for key strategic suppliers:
- Supplier daily report is developed and reviewed between supplier first-level management and company’s first-level management
- Majority of key questions and tactical issues are resolved in the daily meetings
- Supplier weekly report is developed and reviewed between supplier first- and second-level management and company’s first- and second-level management, and Procurement
- Some of the remaining key tactical issues are resolved in the weekly meetings
- Supplier monthly report is developed and reviewed between supplier first-, second- and third-level management and company’s first- and second-level management, and Procurement
- Any escalated tactical issues are resolved at this level
- Majority of strategic-related issues are identified and resolved at this level
- Quarterly monthly report is developed and reviewed with supplier senior management and company’s senior management
- Any escalated strategic issues are resolved at this level
For non-strategic suppliers and categories, less reporting and governance may be appropriate.
A “category pack” is a collection of external market research about a particular industry or sub-sector, including supply and pricing trends, competition, risks and key suppliers (see Figure 3 below). Developing and regularly updating a category pack provides insight into new information and trends within the marketplace. This can include emerging products/services, price changes and new risks. Because risks can arise from various causes — including inflation, government regulation, supplier consolidation, supplier bankruptcy, supplier’s supply chain issues, and supplier fraud or quality issues — gaining insight sooner to new information and trends enables companies to shorten their reaction time to new risks.
upplier Six Sigma Program
Another approach that can help reduce risk and drive significant value from strategic suppliers is implementing a supplier Six Sigma program. Six Sigma is a methodology that uses facts and statistics to measure, analyze and improve processes and to reduce variability in outcome. Using this methodology can help reduce supplier costs, improve supplier quality and reduce supplier risks.
The first step when embarking on a Six Sigma program is to identify a few key strategic categories and existing strategic suppliers on which to focus. Since this program requires investment of time and resources for both your company and the suppliers, one should consider focusing on existing strategic suppliers that can help you achieve sizable benefits. In addition, it makes sense to identify existing suppliers that have instituted companywide Six Sigma programs, since their Six Sigma knowledge, experience and tools already in place typically result in a shorter implementation time and higher probability of success.
The following are some additional key considerations when implementing a supplier Six Sigma program:
- Think big, start small, scale fast.
- Obtain management buy-in for the program.
- Use experienced supplier Six Sigma resources (e.g., Master Black Belts), either internal or external consultants, to help plan and implement your program.
- Develop a stakeholder assessment and communications plan for both internal and external (suppliers) constituencies.
- Partner with your suppliers to help identify what criteria and which Six Sigma projects to consider.
- Document and agree upon key milestones for project reviews.
A Competitive Advantage
Today a constantly fluctuating demand and supply market demands that companies have an agile and flexible supply chain, and one that derives more value from suppliers while allowing for proactive risk management. Those companies that unlock the value in their supply chains can save money, enhance quality, reduce risk, improve revenue and gain efficiencies. Realizing these significant benefits across the organization can be a critical, competitive advantage.
About the Author: Byron Tatsumi is a director with in KPMG LLP Advisory’s Business Effectiveness group. He has more than 18 years of industry and consulting experience. He can be reached at firstname.lastname@example.org. For more information on KPMG, go to www.us.kpmg.com.
KPMG Disclaimer: The views and opinions are those of the author and do not necessarily represent the views and opinions of KPMG LLP. All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. ¦