Supply Chain Risk Management: Planning for the Unknown

Stephen DeAngelis

February 5, 2015

“While the risk of business disruption can come from anything ranging from natural disasters to economic and political crises,” writes Daina Lawrence (@DainaCLawrence), “the big question many business leaders ask is how to plan for the unknown.”[1] The answer to that question, of course, is that you can’t plan for the unknown. That’s why it’s unknown. Since businesses can’t simply throw up their hands in surrender in the face of the unknown, what can they do? For one thing, most sources of supply chain disruption are not really unknown. Exact circumstances are unknown. Exact timing of events is unknown. But generally businesses have a good idea of the types of events and activities that can cause supply chain disruptions. That makes risks a bit more manageable. The length and breadth of a supply chain determines, in large measure, the amount of risk to which it is exposed. “In going global,” writes Eric Jones, Vice President and Global Manager of FM Global’s Business Risk Consulting (BRC) practice, “companies have not actually decreased their risk profile but actually increased it.”[2] He explains:

“Broadening exposures can actually drive total risk higher, either by actual exposure to new perils or simply by making existing risks more difficult to quantify or manage. That is especially true of global supply chains, through which goods or services often come from countries with low per-capita income, weak regulatory control or where the quality of risk management practices — as well as building codes and standards — are weak or nonexistent.”

The simplest way to manage risks in emerging economies is to avoid them altogether. That is also a good way to miss out on opportunities that exist in emerging markets. Paul Napper writes, “Managing a supply chain in today’s global economy is fraught with difficulties. Supply chain managers have to maintain a balance of cost, agility, and sustainability, as well as manage the logistics and the manufacturing footprint. All these issues come with their own problems, but overall the trade-off is cost versus risk.”[3] Napper believes that successful companies will have to venture into emerging markets to be successful. He explains:

“To strike a chord between cost and performance, supply chains have to be inventive. That means essentially going out into new markets, using new local suppliers, and accessing new customers. Invention comes at a cost, as these are new, unexplored areas of risk. So risk management is an important part of supply chain management in a global context. As organizations strive for new opportunities for a more effective supply chain, so risks are more prominent. Who is that new local supplier? Can they be trusted with your product? The new country you’re now operating from — what are the geographical risks? The political risks? The legal risks? Any supply chain manager worth their salt would have scoped out the potential for supply chain innovation in a new region or new sector and calculated the potential risks and mitigated them. … Essentially, global supply chain disaster comes when companies least expect it. They have done due diligence, they have calculated potential geopolitical issues. But — and here’s the kicker — supply chain managers can use the risk for their benefit. In business, first-mover advantage is important — beating the competition to a new market leads to a new customer base. If organizations can manage the risks — the known risks, and the unknown potential disasters, there is a reward to be had. So organizations have to be innovative, lead the way, meet the risks head-on and take that reward.”

In addition to chronic problems, like quality assurance, regulatory control, and weak risk management practices, many so-called low-cost countries are also subject to political turmoil and other crises which can cause disruptions. Alan M. Field writes, “Few years in recent history have offered up as broad a smorgasbord of security crises as 2014.”[4] He points out a few such crises:

— The surprising ascent of the Islamic State, the most disruptive and violent new group of terrorists in more than a decade.

— The resurgence of militarism in Russia, which seized Crimea from Ukraine and further destabilized that country by provoking a separatist civil war within its borders.

— The shocking spread of the Ebola virus in Africa, which threatened to wreak havoc on supply chains and societies throughout that continent.

— A revival of political tension between China and Japan concerning tiny, unpopulated islands long claimed by both governments in the South China Sea.

— The surprising collapse of global oil prices, which threatens to further disrupt the economies of Russia and Iran, and weaken economic ties between Saudi Arabia and the West.

Field adds, “Despite such threats, the global economy has managed to sputter along with few disruptions for global shippers.” He then asks the big question, “Are things likely to get worse in some regions of the world, and, if so, how?” One the regions in which political conditions are likely to improve is Asia. Rodger Baker, a geopolitical analyst at Stratfor, told Field that he expects China to “re-engage diplomatically with the countries of the region.” Baker’s one caution is that piracy may see an uptick in Southeast Asia. That is unwelcome news since piracy has been on the decline the past couple of years.

 

In the Middle East, Baker sees things getting worse as ISIS continues to spread death and destruction across the region. Fortunately, he doesn’t believe that ISIS yet has the reach to disrupt maritime trade. Walter Kemmsies, chief economist at transportation infrastructure consultant Moffatt & Nichol, told Field that ISIS isn’t the only challenge facing the Middle East. He believes that falling oil prices will also cause instability in the region “with menacing possibilities for the global economy.” The situation in West Africa doesn’t look much better. Declining oil prices will also have some affect there, but the big challenge will remain the ebola crisis. As a result, Baker believes “we will see some pretty substantial disruptions” in the region.

 

Up to now I’ve basically discussed physical risks and disruptions. Steve Durbin (@stevedurbin), Managing Director of the Information Security Forum, reminds us that there are cyber risks as well.[5] He identifies five such risks: 1) Cybercrime; 2) Privacy and regulation; 3) Third parties; 4) Bring your own device (BYOD); and 5) Staff engagement. With so many different kinds of risks facing companies, let’s return to the question that Daina Lawrence posed at the beginning of this article, “How do you plan for the unknown?” Richard Nason, a partner at financial risk consulting firm RSD Solutions, answered Lawrence’s question this way:

“I think one part of it is to have a creative imagination. Basically, create lots of stories and scenarios, and the richer your stories, the better. Not because they’re necessarily going to come true, but it gets to what I call the first law of risk management: the mere fact that you acknowledge that something might exist, you automatically increase the probability and magnitude of it happening if it’s a good risk and decrease the probability and severity if it’s a bad risk. The things that are there and existing all the way along, you then are in a better position to notice them and see them. Mathematicians understand the mathematics, but they don’t necessarily understand business. Whereas the grey hairs who understand business, don’t understand the mathematics. To manage this better, you need better integration between what I respectfully call the grey hairs and the PhDs.”

Although I’m a big fan of using “what-if” scenarios for supply chain risk management planning, such discussions are not sufficient to prepare a company for disruptions. Those scenarios need to be accompanied by detailed continuity of business plans that lay out how a company will respond and who is responsible for each required action. Once those plans are developed they need to be exercised. A plan sitting on a shelf isn’t helping anybody. Finally, global conditions need to be continuously monitored to detect unfolding events. Time and again the companies that have recognized emerging challenges and acted quickly to mitigate their negative impacts have emerged even stronger and in a better competitive position. We can’t know what lies ahead or how events will unfold; but, by exercising our plans we can better prepare those responsible for administering them to react to unexpected twists and turns.

 

Footnotes
[1] Daina Lawrence, “What’s the biggest business threat in the near future?The Globe and Mail, 6 August 2014.
[2] Eric Jones, “What is the most crucial goal for supply chains?” Property Casaulty 360°, 8 January 2015.
[3] Paul Napper, “Risk management in an evolving global supply chain,” Business Reporter, 13 January 2015.
[4] Alan M. Field, “2014’s geopolitical risks stir 2015 supply chain concerns,” Journal of Commerce, 2 January 2015.
[5] Steve Durbin, “View: The top five IT threats of 2015,” The Financial Times, 31 December 2014.