Cost
and risk are two of the most fundamental principles of procurement. Even
minimal reductions in price anywhere in the procurement process can offer
significant rewards in terms of profits. But while there is temptation to cut
costs, risky deals can be bad for reputations and even result in prosecution;
particularly where safety legislation is involved.
Twenty-first-century procurement is significantly more complicated than a
simple cost-risk analysis. Procurement and supply management crosses a number of
different boundaries within an organisation, so risk and cost need to be looked
at in a much wider context. A good example of risk that crosses a number of
different boundaries within an organisation is corporate social responsibility.
The public will no longer stand for organisations that do harm to the
environment, for instance, or use slave labour, so issues like this must be
taken into account and aligned with economic efficiency. A recent Procurement
Leaders study found that 80% of respondents agree or strongly agree that it is
wrong for businesses not to take responsibility for unethical actions by their
suppliers. Procurement practice in the 21st century goes far beyond the mere
compliance.
Modern-day purchases no longer adhere to a traditional structure but are
tailored depending on industry and location, meaning different relationships
are necessary within the supply chain.
Supply Chain risks are often underestimated and not well defined, even by some
of the largest organisations around the globe. The figure below represents the
most important risks that can impact your supply chain and your business as a
whole.
Traditionally,
third-party-risk-audits cover financial, integrity, and operational issues. In
today’s environment, these domains should be defined as broadly as
possible.
For example, financial risk takes into account foreign exchange, currency risk,
and tariffs and taxes; as well as product price, mark-up, and rebates.
Integrity issues go beyond fraud alone to include risks associated with
regulatory compliance, conflicts of interest, brand, and reputation.
Operational risk addresses not only cost, efficiency, and contracting issues
but also business disruption risk and misalignment of supply chains.
Information risk should consider the accuracy, timeliness, and relevance of
data shared among parties. New technology risks will emerge as smart phones,
tablets, social media, cloud computing, and new types of technology continue to
develop.
Third-party relationships should also be assessed from a strategic point of
view to address risk that is related to market positioning, business models,
and the impact on society, the environment, and economies.
The adoption of a Supplier Risk Index can measure risk throughout your supply
chain and allow you to identify specific areas of concern. It can help you
proactively identify potential supply chain disruptions and risk – from natural
disasters to ethical, compliance and sustainability issues.
The implementation of an effective Third Party Risk Management Programme (TPRM)
can provide the following benefits to an organisation:
Contributed by: Andrew Hillman is
Managing Director of Bespoke and Publishing Editor of Bespoke
Procurement Bulletin
Article first appeared in Bespoke
Procurement Bulletin: 
