Using Integrated TPRM to Get Ahead of the Global Supply Chain Crisis
Barely a day goes without a new story about the crisis in the global supply chain emerging. As the various parts of the world and different industry sectors recover from the pandemic at different speeds, we see the value – and the risks – that are core to the complex Just-In-Time (JIT) supply chains.
A JIT supply chain works at its best when all the elements are fully synchronized and working at a similar pace. The pandemic created a host of unprecedented challenges for businesses worldwide.
Supply chain risk caused by COVID-19
Throughout the world, supply chain risk has been caused and heightened by different factors. As the economy bounces back, the bullwhip effect ripples along supply chains.
Power shortages in China have affected production lately, and Brexit has played a major role in the shortage of truck drivers in the U.K. The U.S. and Germany are facing a shortage of truckers too, and Germany is also seeing backlogs at its ports.
The sudden contraction of international trade meant that many shipping containers were not in the right place for the recovery. Energy generation plants shut down rapidly as electricity demand curtailed sharply; the recovery now leaves them struggling as demand outstrips supply. The pandemic changed consumption patterns, as widespread home working accelerated demand for smart pads and laptops, diverting the supply of computer chips away from car production.
According to the Wall Street Journal, “Consumer spending on long-lasting goods in the U.S. rose 6.4% last year but domestic production of those goods fell 8.4%, according to federal data, leading to shortages and higher prices.”
Employment patterns have changed as people were furloughed, made redundant, or moved away. The headlines highlight the significant, short-term problems of supply chain risk and attendant disruptions. The medium- and long-term impacts will emerge in due course, which will affect how companies’ structure and manage their supply chains.
Preparing for supply chain risk with Third Party Risk Management
How can you manage your supply chain risk now to fix these significant problems and set yourself up to manage the longer-term impacts, such as managing the more flexible ways that companies will work post-pandemic? Third Party Risk Management (TPRM) will help you.
TPRM is not a new discipline. Speaking with customers and industry practitioners, there are significant changes in how companies are now approaching this issue.
How to approach Third Party Risk Management
Firstly, there is a greater focus on the deeper fourth and fifth tier relationships, where businesses do not have visibility of issues or a direct commercial relationship. These can be especially significant because several suppliers may share the same power infrastructure, the same cloud computing providers, or the same port of entry. If there is an issue with one fifth tier supplier, it can significantly impact your whole chain, not just one company. This concentration risk lies at the heart of many of the current headlines about supply chain issues.
Secondly, many companies are rethinking how best to manage TPRM issues. One model is to take a centralized approach, often directed by the risk or procurement function so that best practice and policy can be applied consistently across the business. The weaknesses of this approach have been highlighted in the last 18 months, especially recently, as those involved can easily be overwhelmed by the scale and frequency of issues.
The alternative is to consider a more decentralized approach where those who work with suppliers daily take more ownership of TPRM. This approach provides more capacity for managing issues, and close working relationships mean that problems can be identified and addressed sooner. It also means that companies can better understand the nature and scale of the large-scale blockages companies are experiencing currently. This can help them monitor issues more proactively and help them navigate through problems more effectively.
TPRM integration at the enterprise level
Another development inspired by recent headline supply chain issues is the need to integrate TPRM capabilities into the enterprise-level GRC management dashboard. This is especially important where the recent major supply chain issues begin to impact a company’s ability to fulfill its contracts, potentially triggering contractual, reputational, or regulatory issues.
In this situation, having the ability to have visibility of all risks, including its supply chain risks, allows the CEO and the Board to synthesize all the risks to the business. This allows them to create well informed options and plans to chart their way forward to a successful outcome.
Delivering these decentralized TPRM capabilities requires the use of SaaS-based platforms so that risk, procurement, and operational teams have ready access to supplier details, contracts and documentation, supplier risk registers, as well as the detail of corporate supplier policies.
Delivering these decentralized TPRM capabilities requires the use of SaaS-based platforms so that risk, procurement, and operational teams have ready access to supplier details, contracts and documentation, supplier risk registers, as well as the detail of corporate supplier policies. Companies also need to proactively monitor news feeds so that items about interruptions, incidents, or changes to the businesses in the supply chain, for example, can be captured.
Mitratech offers a range of powerful and effective TPRM solutions that allow companies to enhance their TPRM capabilities deep in their business and deep into their third, fourth and fifth level supply chain. The same capabilities can be integrated seamlessly into enterprise GRC platforms to help managers throughout the business stay on the front foot managing a complex and dynamic supply chain and supply chain risk.
Defend yourself against vendor and enterprise risk
Learn about our best-in-class VRM/ERM solutions.