Redefining Procurement Series: Managing Risk
Surrounded by business closures, law suits and a plethora of compliance / regulations, many C-level executives have reprioritized risk mitigation and aversion tactics much higher up their agendas. Increasingly, given that virtually anyone in an organisation can purchase something, there is a growing need for procurement to get involved in big ticket items as well as educating stakeholders about the impact of risk on business objectives.
At a time when many businesses are shoring up wavering P&Ls (particularly those in Retail) the smallest hint of additional, unplanned risk increases the chance of breaking an already weak chain.
In the procurement world when we hear the word 'risk', we naturally think in terms of:
- Currency fluctuations and dramatic shifts in economic stability
- Commodity price increases
- Political instability
- Assurance of supply and knock on effects further down the supply chain
- Cash flow
- Legal and regulatory compliance
Procurement’s role when looking at these sources is to educate the business of these risks and have a plan of action ready to enable the business to run just as effectively while ensuring risk aversion behaviours are being implemented.
However, looking outside these macro issues and back into the business, there are other subtle sources of day-to-day risk which often go unnoticed at the time of transaction by our stakeholders and in some cases our own teams:
- Supplier on-boarding: Disparate and dispersed (or rouge) supplier on-boarding activity means the opportunity for risk to come into the business is magnified. This creates the possibility of inconsistent service levels and quality of goods, specification creep, increased financial outlay and (if the supplier has anything to do with your customers) brand damage.
- Discounts: In a recent interview with a large pharmaceutical company there was an example of a large purchase (driven by the desire for bigger discount) being made for a medicine in which demand was forecasted to grow. When it instead declined, they were left with the burden of storage, disposal and the overall cost of the stock.
- Network security (technology): The extension of digital capabilities outside the businesses network is often required when working with external suppliers. However, with every new computer-to-computer interaction (from outside the network) there is a risk of security breach and hacking.
- Safety (people): In industries such as construction and mining, the safety of people is number one priority. In a recent interview with a FTSE 100 construction firm, it was noted that procurement is now not only responsible for the materials and equipment that is purchased but also the knock on impact those items or services have on the safety of people on site.
- Suppliers going bust: With the recent bout of companies (particularly retailers) closing their doors, suppliers are also feeling the sting, with ripples running right down the supply network in some cases, resulting in the supplier not being able to finance their operations effectively and as such being forced to close their doors.
There are several barriers facing a procurement professional when managing these risks. During a recent financial director summit, a FTSE 100 bank pointed out three key groups which pose the biggest barriers to effectively managing risk:
- Lack of tangible benefits
- Lack of buy-in at the top levels
- Lack of ownership and responsibility for risk management
- Limited clarity and simplicity of approach
- Lack of clear vision or plan
- Lack of access to key people
- Lack of skills and capability
- Lack of funds
As a procurement professional, your role is to educate your customers (stakeholders) as to all possible risks that may impact the performance, financial state or reputation of the organisation. Although applying a correct sourcing methodology including thorough due diligence to new supplier on-boarding makes sense to you, many of your stakeholders do not see what value this brings in pursuit of achieving their objectives.
Ultimately gaining Board buy-in is vital to effective delivery – this requires a clear definition of expectations and a demonstration of the need as it applies to the organisation's objectives (i.e. how do these risks threaten to inhibit the organisation reaching its goals AND how can accounting for risk assist in achieving the same goals). There is no need to write long winded, wordy documents – define the needs quickly and succinctly, highlight responsibilities and accountabilities, and build in metrics based on service performance, financial results and impact on the reputation of your organisation.
As you can imagine this cannot be done within a bubble, you will need to go out into the business and understand risk as it applies to each of your stakeholders and work towards a solution from there, taking them on the journey.
What are some of the key barriers you have faced when educating your stakholders about risk management - and how were you able to overcome them (if at all)?