Uncovering the Hidden Risks in Your Supply Chain

December 17, 2021
Greg Holt

Companies worldwide are struggling to answer one question: “what are some supply chain risks we need to know about?” Supply chain disruptions and the risks posed to your business from external parties have become board-level priorities. Slowdowns, delays, and supply shortages have squeezed revenue growth, product availability, and consumer shopping habits. Failures have led to shaky shareholder confidence, hits against brand reputation, and even regulatory non-compliance. In the most visible cases, the fallout from unforeseen disruptions has become headlines on the evening news and even dinner table discussions.

For the better part of the last two years, procurement and supply chain organizations have been working overtime to gain control over an increasingly stressed supply chain. Many of the fire drills currently run behind the scenes have averted business crises and kept businesses running as close to full speed as possible in these challenging times. But the work isn’t done yet.

Supply risk has come to the forefront, with more resources, eyeballs, and planning cycles devoted to gaining an early warning of future disruptions. The big question on everyone’s priority list: What are some supply chain risks that we can’t see, and how do we gain the visibility necessary to mitigate them?

What are some supply chain risks that tend to be hidden?

Vulnerabilities across your supply network are everywhere, and surprisingly, many of them are hiding in plain sight. The risk factors that tell you about these risks get overlooked thanks to a lack of data and visibility. In most cases, organizations can easily find these risks with the right tools.

Think about the typical supplier risk assessment process. What are some supply chain risks that companies want to find? Even if there are a few common answers, the process is anything but typical.

Suppliers undergo reviews for financial health, the ability to meet restrictions and regulations, and absence from any sanctioned lists. Some suppliers are reviewed for ESG scores. Surveys are sent and responses are reviewed. Internal evaluations may highlight previous performance issues. Critical direct material suppliers get a closer look, including site visits, samples, and prototypes.

But the consistent factor is the inconsistency even within the same procurement organization.

Of course, we have to prioritize, especially when global procurement treams are assessing and onboarding potentially hundreds of suppliers each year.  Data is hard to come by, and time is a scarce resource.  So, we prioritize which suppliers get a cursory review and which get a thorough look across multiple risk indicators.

One of the primary supplier risk “‘wish list”’ items I hear from procurement teams is their desire to deliver a more consistent and thorough approach to assessing suppliers across different risk factors.  Gaining instant access to multi-factor risk assessments would enable them to make better decisions while reducing the time and effort of identifying hidden risks to their businesses.  They could evaluate each new supplier more thoroughly without slowing down the onboarding process or reducing their overall throughput with such visibility.

Layers upon layers of shadows

The next ‘wish list’ I often hear is to shine a light on the suppliers that are in play across the extended supply network.  Sub-tier suppliers carry the same vulnerabilities from financial, operational, cyber, ESG, and geopolitical risks, but the shadows are darker and deeper because of their indirect relationship.

A study from the Business Continuity Institute* reported that “40% of COVID-19 related supply disruptions occurred beyond tier 1” suppliers.  Our 2021 Annual Global Supply Chain Report found that visibility into extended supply chains and sub-tier suppliers is becoming critical for procurement organizations.

But across the board, accurately identifying sub-tier suppliers has been one of the biggest challenges for procurement and supplier risk management professionals.  Think about the time and resources required to assess your first-tier suppliers adequately.  Now, extend that to multiple tiers of suppliers with whom you don’t have any organizational or contractual relationship to leverage.  Ugh.

Yet disruptions within the sub-tier supplier network can cause ripple effects across multiple nodes within your supply chain.  Even with multi-source strategies in place, an unknown sub-tier supplier supporting your primary and alternate suppliers creates a single point of failure that may be completely hidden from view.

Illuminating your entire supply network

Developing a more consistent approach to identifying potential supplier risks and vulnerabilities can help protect your business from supply disruptions, unnecessary costs, and reputational harm.

Start with developing a single view into supplier risk across multiple risk factors for all suppliers. Build upon that to identify the relationships and interdependencies across the extended network of sub-tier suppliers that support your business. Assess those sub-tier suppliers against the risks that can cause ripple effects up and down your supply chain.

Use fresh, external data to supplement self-reported survey responses and data collected during last year’s annual reviews. Keep this data fresh, and systematically monitor it in a way that enables you to identify material changes that increase the risk of supply disruptions or events that need quick reaction to stem the impact to your organization.

Map, Monitor and Model; that’s what we call this at Interos. The Interos Operational Resilience Cloud can help you uncover the hidden risks across your extended supply network and shine a light on the vulnerabilities and potential disruptions before they cause harm to your business. Again, it’s not enough to know what are some supply chain risks that could threaten your organization; you need to know all of them.

Go deeper on this topic to explore the hidden risks that lie within and across your extended supply network, how you can uncover those risks, and ultimately reduce your exposure to the unknown. To learn more about Interos, visit Interos.ai

*Supply Chain Resilience Report 2021, Business Continuity Institute, www.thebci.org, February 2021

View next

Ensure Operational Resilience

Request Contact

Build operational resiliency into your extended supply chain:

  • 889 compliance – ensure market access
  • Data sharing with 3rd parties and beyond – protect reputation
  • Concentration risk – ensure business continuity
  • Cyber breaches – assess potential exposure
  • Unethical labor – avoid reputational harm
  • On-boarding and monitoring suppliers – save time and money