Finding The Supply Chain’s…Known …Unknowns

Finding The Supply Chain’s…Known …Unknowns

Recessions, floods, strikes, export restrictions, quality control, commodity shortages and product complexity — supply chain risk comes in all shapes and sizes.

Global outsourcing has changed the supply chain risk profile. Disruptions have increased in frequency and impact, from shipment delays to full-blown disasters such as automobile recalls and tainted drugs, as low-cost country sourcing has increased exposure to security threats, pandemics, natural disasters, data security breaches, demand variability and supply fluctuations.

“Uncertainty has increased dramatically,” said Gary Lynch, managing director of the supply chain risk management practice at Marsh, a global insurance broker and strategic risk advisory firm. “You hear daily about flow of goods disruptions or product safety issues.”

Last week’s New Zealand earthquake crumbled infrastructure at Lyttelton, a major southern gateway port that handled 9.8 million 20-foot equivalent container units in its most recent year. The 2010 eruption of Iceland’s Eyjafjallajokul volcano disrupted aviation throughout Europe, affecting shipments of pharmaceuticals, flowers, fruit and other goods. Last year, India imposed prohibitive export restrictions on cotton, provoking a furor among global textile organizations. And export restrictions imposed by China on critical rare earth metals sent shudders through the U.S. and Japan, leading the U.S. Department of Energy to warn of severe supply disruptions unless the two nations increased domestic extraction

China produces 95 percent of the world’s rare earth minerals, raw materials essential to the production of hybrid cars, wind turbines and solar cells, and used by the oil refining and defense industries. A 2010 DOE report warns of severe supply disruptions unless global supply chains are diversified and the U.S. and Japan increase domestic extraction.

“Threats to the supply chain are fundamentally unpredictable,” Lynch said. “We know disruptions will occur, but there are too many variables to know the impact on the supply chain.”

Related: Finding the ‘What-If’ Questions.

The supplier base shifts with each new auto model and engineering change, introducing new risks into the supply chain, said Jeff Hurley senior vice president, automotive, for CEVA Logistics.

The learning curve is steep for new suppliers trying to comply with the exacting requirements of original equipment manufacturers in the automotive industry. CEVA moves hundreds of containers per week for automotive suppliers from China and India to Mexico and South America. New suppliers are needed as automotive parts volume coming from Asia has nearly doubled since the beginning of the recession in 2008.

Hurley likens the supplier base in emerging markets to the U.S. supplier base in earlier days of the industry, when compliance was hit-and-miss. Now, domestic accuracy is high. But today’s longer supply chains mean capacity on ocean liners is a growing risk factor, and something that must be managed proactively.

“If you’re not proactive, you can be on the outside looking in and forced to go to premium modes of transport like air freight,” Hurley said.

Too often, it takes a calamitous event such as last week’s New Zealand earthquake or the 2010 volcano in Iceland to get companies to think seriously about supply chain risk management, said Chris Monk, director of supply chain practice for Protiviti, a global business consulting and internal audit firm specializing in risk, advisory and transaction services. “Some companies are still hesitant to pull the trigger unless an event drives them off a cliff,” he said.

Companies often don’t know how to begin implementing risk management procedures, a process complicated by silos in organizations and overlap between product lines, department and regions. With corporate budgets tight, risk and supply chain managers have a difficult time making a case for something as seemingly intangible as supply chain risk management.

Highly regulated vertical industries such as pharmaceuticals, biotechnology and life sciences have been quicker to embrace supply chain risk management principles and practices.

Protiviti uses “high-impact, progressive internal audits” to identify and assess supply chain risks in several areas. One area is procurement, which holds a large degree of inherent and specific risks, including high-profile, less-controllable risks such as terrorism, port closures and natural disasters, all of which create a high degree of uncertainty.

But most supply chain risks are of the everyday sort and are controllable even though they are potentially highly disruptive. These include total landed costing, regulatory, legal, planning and forecasting, supplier qualification, obsolescence, data and technology.

Although most assessments of procurement practices focus on compliance with policies and procedures, high-impact assessments incorporate an organization’s overall goals.

Protiviti defines six components of supply chain risk management: strategy and policy; business processes; people and organization; information for decision-making, measurement and control; methodologies and tools; and systems and data.

A strategic procurement risk might be one without executive-level support not aligned with other business strategies. A process risk could be lack of controls in contracts or spend category management, while a technology risk would be systems that fail to adequately support procurement.

There are no generic blueprints for supply chain risk management. Strategies must be tailored to an organization’s overall business model and strategy.

Companies achieve different levels of capability for each supply chain component. For example, Company A might want to be best-in-class in business processes, while Company B seeks only the industry standard. Systems and data might be a competitive differentiator for some companies and a survival mechanism for others.

Indicators that it’s time to address risk on a systemwide basis include an increase in supplier lead times, capacity issues, regulatory changes, sole sourcing arrangements and supplier quality issues.

Tim Brown, a principal at Atlanta-based consulting and technology firm Chainalytics, said companies face ongoing risks with costs and capacity in transportation and can use procedures such as contracting and implementation of technology to mitigate risks inherent in shipping operations. The company said a sensitivity analysis related to supply, demand and cost volatility to optimize network design and planning can address the needs in a particular network.

That requires data, and Brown said the visibility tools that help manage the flow of goods also can provide valuable information about how risks may rise and fall throughout the supply chain. “It’s kind of surprising that more companies aren’t leveraging visibility, especially with the 3PL tools and capabilities out there,” he said.

At UPS Supply Chain Solutions, risk management is woven into all services, said Scott Aubuchon, director of global forwarding marketing. That includes management services for transportation, global information, distribution and supplier and regulatory compliance.

With its global resources, UPS Supply Chain Solutions takes a tactical approach to supply chain risk management, such as providing critical links between buyers and vendors for establishing processes and visibility down to the purchase order level. During the recession, as volatility in supply and demand created havoc in supply chain planning, the company was able to move its customers between modes to avoid excess inventory or stock-outs, especially in wholesaling and retailing.

A critical component of risk management is cross-functional planning. UPS-SCS provides the tools for sharing best practices between divisions that may not be able to individually see all the pieces of the puzzle. “We like to think we can help break down silos and consider broadly all the different aspects of risk and cost,” Aubuchon said.
Marsh Risk Consulting’s Supply Chain Risk Management Practice solutions are designed with three primary goals in mind; to ensure the stability of supplier relationships, to maximize risk management investments, and to implement strategies that are risk-intelligent, agile and resilient.

The insurance industry has introduced a variety of products to mitigate supply chain risk. Risk mitigation models and contingency plans are built around a “threat-neutral” concept that considers the maximum loss potential at multiple breakage points such as a transfer facilities or ports.

“Threat neutral looks at the systemic impact side of the equation, regardless of the event that causes the disruption,” Lynch said.

Risks to supplies of commodities such as food, fuel, lumber and bulk cargoes are managed through hedging and other finance vehicles, but true risk mitigation must start earlier with value assessments that connect raw materials to critical products, revenue streams and other value drivers. The value of raw materials and finished goods to the organization as a whole must be quantified for supply chain risk management to be effective.

“If you don’t connect materials to value drivers, you might be putting lots of effort into managing commodities that don’t translate into strategic products or profits,” Lynch said. “The way an organization defines itself in the market has to be the driver of supply chain risk management.”

Before the recession, companies were most concerned with quality and supply risk, which resulted in such tragedies as the linkage of more than 80 deaths to contaminated batches of the blood thinner heparin that were sourced from China. The focus shifted to operational risk related to financial disruptions such as liquidity and solvency.

Contact David Biederman at