Supply Chain Risk Management
Supply Chain Risk Management

Managing Supply Chain Risk in a Platform-driven World

Henry Umney |

Managing your vendor network and supply chain used to be easier. You knew who all your suppliers were, you could visit their sites, and you knew them as individuals you’d worked with for many years.

More importantly, they knew you. Vendors understood the specifications you gave them; they visited your site to see how you would use their products and services. Maybe some of their employees spent much of their working week at your sites and offices, helping you make the best use of their services.

That’s all changed.

You and your suppliers work in a platform-driven world. This transition from a process-driven world to a platform-led world was explored by Peter Bendor-Samuel, CEO of Everest Group, who pointed to the new risks global supply chains have faced:

One area of evolving risk is the supply chain. Recently, for example, the devastating outbreak of COVID-19 in India highlighted the concentration risk that many companies had for third-party services in this market.

Intense competition drives the need for constant innovation, whether it’s in the form of new product functionality or delivering new cost efficiencies. This pressure increasingly means spreading the talent net much further and more widely thanin the past to get access to value-add capabilities at a competitive price.

Watch the Webinar: The Top 3 Reasons You Need Policy Management

What are the risks?

While a platform-led supply chain model offers excellent flexibility, it does not come without risk. To address this, many companies may use a mixed approach that features working with their traditional vendors and employing others via their platforms to fill in any gaps that emerge. This can offer the best of both worlds.

However you choose to balance these two approaches, third-party risk management is an important consideration. Platform-based relationships typically mean working with new suppliers in potentially new areas of the world or new sectors – whether for you directly or in the deeper 4th and 5th levels of your supply chain. As a result, new and unfamiliar risks may emerge too, especially in the increasingly important area of Environmental, Social, and Governance (ESG) compliance.

Here, issues around modern slavery, bribery, climate change, legal risk, compliance risk, and security risk can each conspire to create a range of operational, commercial, legal, or reputational headaches for your company.  This jibes with what we’ve heard in discussions with customers working with their supply chain to find that competitive edge or capability that fills a gap in their business process.

The need for visibility and transparency

The key to effective TPRM is visibility and transparency. You need to proactively monitor your vendor network and supply chain for potential and emerging risks based on the service or products they provide, their location, and the nature of the vendor network and supply chains they rely on to deliver their service to you.

Some of these risks can include:

  • Business continuity risk, if a site cannot be accessed, or goods delivered.
  • Commercial risk, where a supplier might be acquired or go bankrupt, putting their ability to supply you at risk.
  • Concentration risk, where a single service provider – for example, in cloud computing services – can impact multiple companies in your supply chain, making a recovery from an incident incredibly challenging.
  • ESG risk of violating regulations, industry policies or societal expectations.

The ideal approach is to monitor, in-depth and proactively, your vendor network and supply chain so that issues that emerge can be addressed swiftly. Issues you identify early can be fixed with less disruption to the business and the relationship, compared to those allowed to develop and potential fester.

This in-depth monitoring is supported by having well-documented risk profiles of the organizations that make up the supply chain. This forms the basis of the early warning systems that allow issues that emerge to be flagged in a risk dashboard. News events, business announcements, or issues raised by employees can be captured and consolidated to provide near-real-time monitoring of the risks within a supply chain. These issues can also be escalated into an enterprise GRC platform if necessary.

Robust supply chain risk solutions

Mitratech offers a range of powerful, proven, and robust TPRM solutions that help you navigate the risks of working in a platform-led supply chain and with a traditional supply chain model. Our solutions take the guesswork out of managing supply chain risk.

That’s especially vital in these volatile times, as more complex supply chains create more complex hazards for the modern enterprise.

Defend yourself against vendor and enterprise risk

Learn about our best-in-class VRM/ERM solutions.