Supplier risk management has become an important activity for a purchasing department. Indeed, the stakes are high, the environments uncertain and variable, the complexity increasing (internationalization, outsourcing, regulations, etc.) and above all, companies must protect their external sources and resources as well as their image with customers.
The 5 areas of supplier risk
Managing risks involves conducting regular and structured assessments, or at the very least, reflections, on these key areas to concretely identify potential sources that could impact the delivery of the purchased product or service. This analysis must be complemented by market monitoring of key strategic suppliers to enable a rapid response should a problem arise.
Risks can be grouped into five main areas:
• economic
• financial
• technological, logistical & quality
• regulatory
• operational
Economic risks are macroeconomic risks (market downturns, exchange rate fluctuations, weather events, political risks in certain countries, etc.) that can significantly impact the price or supply of certain products. These risks are often mitigated by developing contingency plans (Plan B – forecasting).
Financial risks correspond to situations where your company changes its strategy or product/service (for example, relocating an activity will impact the distribution chain, a new product will involve investments with suppliers).
Finally, if your supplier’s financial health is too fragile, they may become over-indebted and face business closure. Financial risks are mitigated through a sound economic analysis of your main suppliers (SRM).
Technological, logistical, and quality risks are directly related to operations: obsolete or overly recent technology with uncertain reliability, unpredictable deliveries (logistical risks, risk of stock destruction, unsold goods, etc.), or insufficient quality of delivered products (incidents, rejects, etc.).
Regulatory risk involves a lack of awareness of a country’s, legislation’s, or sector’s regulations, or neglecting the contractual aspects of a relationship. It can be mitigated by being vigilant and informed, drafting contracts, and having a thorough understanding of the various regulations that apply to different professions (such as the 1975 subcontracting law 1334 for service provision and temporary work, the Dutreil 2 law favoring SMEs in relation to large retailers, and the intellectual property code for consulting firms).
Finally, business risks are linked to poor management of supplier relationships (unclear objectives, purchasing policy poorly communicated internally or not respected) or poor operational management (lack of dashboards, lack of professionalization of buyers, lack of handling of disputes or conflicts, lack of control of suppliers, lack of monitoring of deliveries, etc.).
Better anticipation: using risk analysis tools
Failure Mode and Effects Analysis (FMEA) is a widely used tool in the industrial world, and it also allows for risk analysis in the purchasing department. Specifically, an FMEA analysis takes place in 3 stages:
We can also construct a risk matrix (probability vs. impact) and define crisis exit plans. For the most critical failures, we implement a three-level emergency response plan:
1. Prevention: before the event – awareness-raising, detailed field studies, minimum stock management…
2. Mitigation: during the event – list of possible actions to mitigate the impact
3. Recovery: After the event – generally, we anticipate by having on hand at that time a list of suppliers who can quickly take over.
Some best practices
• Regularly check safety stock levels: are the minimum/maximum levels still defined, are stock levels reliable, are production peaks anticipated…
• Follow payment deadlines: a supplier paid irregularly, late, may easily be a supplier less respectful of their part of the contract, of respecting deadlines or quantities… you could even become a source of their failure.
• Contractualization: By basing your contracts on clear and fair rules, you create the conditions for mutual trust, and you are also assured that your interlocutor will react quickly in case of malfunction.
• Insurance: Obviously, insurance only covers known and already identified risks, and it has a cost that can be significant, but it can be of great help in certain circumstances. Furthermore, some types of insurance are mandatory.
• SRM: The last good practice we will mention here is that supplier relationship management tools are important aids in risk management, supplier monitoring and monitoring the quality of relationships.