Supply Chain Risk Management and World Events

Stephen DeAngelis

October 19, 2012

“In case you haven’t noticed,” writes Dan Gilmore, Editor-in-Chief of Supply Chain Digest, “the world is growing crazy – and that is making supply chain risk management even more impossible than it already is.” [“Supply Chain Risky Business Part 2,” 21 September 2012] Gilmore recommends that companies ask themselves, what the “potential supply chain ramifications [might be] if Israel does in fact launch a military strike against Iran’s nuclear facilities sometime soon.” He rates the chances of such an attack 50/50. You might be saying to yourself, “I don’t do business in Iran. The effects of such a strike would be minimal.” Gilmore recommends not jumping to such a quick conclusion. Here are some of the ramifications that Gilmore believes would result from such a strike:

“• Oil prices will immediately soar to somewhere between $150-200, according to oil industry expert Stephen Schork.

“• How long it stays up there will depend on how Iran responds and how effective that response is. Direct attacks on Israel, for example, or any successful mining operations will prolong/expand the impact.

“• Oil not only impacts transport costs but those of many other inputs/materials (e.g., plastics) that need to be considered. Ports will be on high alert, and the flow of goods will slow for some period, perhaps substantially.

“• Demand in the Middle East will drop dramatically for most things for a while. How much? Who knows? If you have supply sources there, you could also see disruptions as well. Procter & Gamble had to close factories in Egypt for some time earlier last year during the Arab Spring.

“• There could be disruptions in other Muslim countries in response to the attack (e.g., Pakistan, Indonesia), expanding the disruption zone. Apparel companies beware.

“• As always, you have to consider not just first tier supplier disruptions, but second and third tier ones.”

Gilmore is not the only analyst who sees “the world growing crazy.” Back in December, the staff at Supply Chain Standard reported, “International supply chains face intensifying volatility in 2012, driven from above by political instability and economic uncertainty, and from below by social protest and increasing scrutiny of corporate practices, according to consultancy Control Risks.” [“International supply chains face intensifying volatility,” 5 December 2011] Control Risks’ chief executive, Richard Fenning, highlighted three areas of risk he expected to see in 2012. They were:

“• The growing significance of cyber and information security threats, arising from both criminal and ‘hacktivist’ groups, as well as the security and integrity challenges presented by pervasive online social media, which include data theft, fraud and reputational damage.

“• Rising prospects of government intervention in business through changes in regulation, tax policy or contracts, driven by mounting public hostility towards companies and investors as well as fiscal pressures.

“• Increased labour unrest stemming from trade unions battling wage and benefit cuts, as well as low income workers – especially in emerging markets – pressing for better conditions, labour rights and personal dignity.”

Fenning was pretty accurate with his predictions. Hackers have certainly continued to cause concern, both with governments and the commercial sector. And recent events at Foxconn have demonstrated that labor unrest may indeed be on the rise. As for government intervention, it could have been worse. The lingering economic slowdown and accompanying high unemployment rates have more governments working with businesses to create jobs than targeting them for new regulations. If things turn around, however, that could change. Gilmore adds a few more events worth keeping in mind.

“• Exploding protests and violence against the US in many countries that may settle down – or escalate.

“• China and Japan are battling over control of a group of islands in the Pacific, and no kidding China is said to be preparing for potential war against Japan over the issue. Wonder how that might impact lead times out of China. Japan, by the way, is having a big national debate over China sourcing as a result.

“• Meanwhile, growth in China is dramatically slowing, which will be bad for companies looking for their own growth in China. There is also growing risk that many manufacturers there will go under as export volumes crash – maybe your supplier, or your supplier’s supplier. Exports in China rose just 1% in July and 2.7% in August – from over 20% in both months in 2011. That is looking a lot like a ‘hard landing.’ China has too much capacity in many sectors.

“• Never ending severe financial woes in Europe. I am frankly sick of hearing about it.

“• The US has just filed a major trade complaint at the World Trade Organization against China relative rules-breaking subsidies for its auto parts exporters, and China reciprocated with complaints relative to a number of US products. Many believe the US-China trade imbalance is unsustainable, and perhaps protectionist policies will become a weapon to be used.”

Gilmore writes, “There’s more – but how many risks can our supply chains really comprehend or manage?” He continues, “We can’t even write about them fast enough – how can supply chains possibly manage them well?” Despite all the risks and the impossibility of being able to identify (let alone predict) them, Gilmore laments the fact that supply chain executives continue to get called on the carpet when disruptions occur. He continues:

“We have this extreme need to mitigate risks, but in reality there are simply too many of them to understand let alone mitigate, and relatively little ‘best practices’ or tools to apply to the battle. One of my favorite quotes in recent years was from a Toyota executive last year after all of the supply chain fallout from the impact of the earthquake/tsunami in Japan, which cost the company – vaunted of course for its supply chain excellence – billions of dollars. ‘We thought we had control of our supply chain,’ he said. ‘It was an illusion.’ For how many other companies is this true?”

Gilmore notes that many businesses are so large that it’s really impossible for a group at corporate headquarters to deal with all the potential supply chain disruptions that could occur. Despite all of the challenges, Gilmore isn’t recommending throwing up your hands in defeat. He recalls listening to one company that came to the conclusion that centralized risk management was unmanageable and, as a result, “set up a structure, templates, etc. for different sites and functions to develop their own risk management plans. ‘Corporate’ then created an audit program to check whether those sites and functions were getting their risk work done. Maybe that is the only answer. Decentralize it.” Gilmore concludes with an example of what he considers a good effort. He writes:

“Goodrich (just recently acquired by United Technologies) has developed a very nice service that provides an internal ‘risk register’ that details events and developments that could pose supply chain risks, from a supplier’s financial troubles to political developments in a given region. It doesn’t mitigate the risk, but it provides a very comprehensive list of all the risks that are looming out there. That can then at least enable companies to see all this whirl, and proactively decide what they need to or can take action on, and which they can’t or shouldn’t. There are also third party services out there (e.g., Dow Jones Supplier & Risk Monitor) that can provide at one level similar information, but what Goodrich is doing is in an even more company-specific context. I hope Goodrich can maintain the staffing and energy to keep the fine effort going.”

With all of the complexities involved in supply chain risk management, one assumes that big data analytics could (should) play a large role in helping keep risk managers alert to potential problems. A learning system that monitors events (such as those contained in the Goodrich system) and then estimates potential impacts and alerts the proper people would go a long ways towards reducing the complexity discussed by Gilmore. In the book Supply Chain Risk: A Handbook of Assessment, Management, and Performance [edited by George A. Zsidisin and Bob Ritchie], two tools are recommended “for the estimation of risks: Data Mining and Failure Mode Effect Analysis (FMEA).” [“Predicting and Managing Supply Chain Risks,” by Daniel Dumke, Supply Chain Risk Management, 21 November 2011] Although the book indicates that “the role of data mining is to analyse historical data, to improve prediction capability,” it should go beyond historical data to analyze real-time information as well. The fresher the data the better. One of the book’s authors, Samir Dani, proposed a proactive prediction system that looks a lot like a foundation for a learning-and-alerting risk management system. Dani’s system is shown in the following diagram.

SCRM methodology

Gilmore concludes, “I am sensing that supply chain risk management is becoming overwhelming. It’s like we would need a whole team of people to really do it well, and even then it is impossible to really well manage a complex supply chain. But there are two foundations, and those are fully mapping and modeling our supply chains, which offers a path to at least partial success.” I would add a third foundation: a learning-and-alerting risk management system. Most companies have the data (or can obtain it) and that data needs to be put to better use.