Enterprise risk management is inherently about preparing for and mitigating both known and unknown risks. COVID-19 used to be an unknown risk – or a black swan event. Now, it’s morphed into a semi-business-as-usual situation where some risks can actually be predicted, whilst some are still lurking quietly.
In this article, we want to look at the process of managing vendors from two angles. See if it screams “risky business” as you read.
As supply chains become more complex and global, with multiple dependencies in their network spread across multiple parties and along multiple tiers, there is an inherent risk of the weakest link breaking the chain, causing a disruption to business continuity.
Case in point: when the UK’s second largest construction company – Carillion - unexpectedly collapsed in 2018, the ripple effects quickly left many other firms in dire straits. Notably, one of its suppliers – Vaughan Engineering – went into liquidation two months after, costing the supply chain more than £9 million in unpaid bills.
Closer to home, factors such as the “race to the bottom,” COVID-19, and unreasonable risk sharing between procuring parties and tenderers, have heaped stress on the construction industry. In fact, construction has the second highest level of insolvency despite being the third biggest GDP contributor (ABS, 2021).
Insolvencies rate by industry. Source: ASIC
Although there are fewer insolvencies this year, commentators have warned that when government support ends, the picture would be different again.
All the above goes to show that the risks can come from those up or down the contractual chain (i.e. your client or your subcontractor). Organisations tend to have less visibility as it gets further down the supply chain. And it’s not just financial stability that you have to look for in a partner.
Could this happen to you? Domino effect scenarios:
Our upcoming research paper provides benchmarking insights to help with vendor risk management best practices in construction & related sectors. Register to be notified when it’s published.
Although business continuity has become a pressing issue, just 1 in 6 organisations carry out due diligence on all key suppliers’ business continuity plans at the procurement stage.
In addition, the number of companies that did not mention business continuity in supplier contractual discussions or only did so after the purchase decision remains around 31% (Supply Chain Resilience Report 2021).
Source: The Business Continuity Institute
There is a tendency to buy things in bundles to take advantage of better pricing – just as in the consumer goods’ world. Generally, there are two procurement strategies deployed to deliver economies of scope and scale for buyers and suppliers respectively.
Definition box – Procurement strategies
Bundling: The grouping together of demand for diverse but related requirements into one package. This usually results in buying from a single vendor.
The benefits of such strategies are obvious, including lower prices, lower transactional costs, and less admin work related to managing multiple suppliers. However, there are hidden risks that if not managed well, could result in higher prices, among other undesirable long-term effects.
From a financial perspective:
From an operational perspective:
From a reputational perspective:
Industries that rely heavily on subcontractors and have dynamic supply chains like construction face unique challenges.
As we’ve examined throughout this blog series, some risk topics are highly visible and obvious. Others much less so.
It’s never more important to take a holistic approach to third-party risk management. Our upcoming research white paper aims to arm you with the data and analysis to put things into perspective, and hopefully, to inspire change.
Want to know when it’s published? Register here to be notified.
Procurement is undeniably one of the most crucial aspects of any business - regardless of any business factor, whether it is business type, customer base, financial model or otherwise, procurement is a significant part of what enables a business to provide value to consumers.
Previously, we have touched on the broad landscape of third-party risk management in the context of subcontractor-dependent industries. Now let’s zoom in on the specific “risk buckets” to see where the potential leaks are.
Be the first to know when we publish new insights.