How to manange risk in turbulent times

by Jacob Stoller

Supply chain has become a household word as game-changing events – pandemic, lockdowns, floods, war – are increasingly causing shortages that impact people’s daily lives. The trend has promoted supply chain disruptions to front page news and caused organizations to re-think how they assess and manage risk.

For supply chain operators, omnipresent risk is nothing new. What’s changed is the surge in highly improbable events that have enormous wide-ranging consequences.

“Managing uncertainty has always been a supply chain manager’s role and responsibility,” says Abe Eshkenazi, CEO of the U.S.-based Association for Supply Chain Management (ASCM), “but more often than not, it was specific to an issue within a firm or source. What we’re seeing today is disruption of almost every node in the supply chain.”

The Economist Intelligence Unit recently partnered with ASCM to produce a report on global supply chain resilience, which recommends a more comprehensive approach

to risk. Business continuity plans, for example, “should include triggers outlining actions to be taken across a range of disruptions.”

“As Covid-19 has made abundantly clear, risks can feed and amplify one another such that when a disruption does occur, the effects radiate out at increasing velocity,” said Claire Casey, global head of policy and thought leadership for The Economist Intelligence Unit, on a webcast interview with Eshkenazi.

Automotive production delays caused by the microchip shortage, for example, could prevent a building contractor from taking delivery of a truck on time, causing a delay in the construction of a hospital.

“The frequency, duration, and severity of disruptions right now prevent you from focusing on one,” says Eshkenazi. “It’s almost a quilt of challenges. If you address the port congestion, then the question is ‘have you addressed the logistics and the warehousing that’s going to be released when you release the port congestion?’”

“Historically, supply chain managers have focused on readying themselves for short-term, relatively predictable shocks and then recovering to a business-as-usual scenario,” Casey said. “That’s a scenario that assumes stability is normalcy, and increasingly it isn’t. And so in this era of turbulence, that classic approach to risk management – going from crisis to crisis – simply isn’t enough.”

Broadening the approach

To cope with the current risk environment, supply chain operators will have to develop new capabilities.

“The sea change in the industry is that people are getting much more strategic about threats and risks, where before they were much more narrowly focused around specific external threats,” says Robert Dodge, CEO of Prosegur Global risks.

One of the main recommendations in the study is that companies need to gain better visibility of supply chain elements.

“Companies have been flying blind,” says Christopher Tang, UCLA distinguished professor and faculty director of the UCLA Center for Global Management. “When companies started outsourcing, they didn’t know that the supplier might be outsourcing that production to another company. So right now, I think a lot of companies are realizing that they have no visibility at all if something goes wrong with tier two or tier three. That means they are absorbing a lot of risk that they don’t even know about.”

“Continuity plans in the past may have been specific to a particular vendor or a particular source of raw materials,” says Eshkenazi. “Now you’ve got continuity plans that have to evaluate every step from your tier one, tier two, and tier three vendors.”

Technology will almost certainly be in the forefront of these efforts. Companies can collect data from diverse sources – suppliers, customers, transportation partners, warehouse management systems, GPS tracking systems, global news reports – and deploy artificial intelligence (AI) to catch early warning signs, develop tactical plans, or test alternative scenarios.

Giants like Walmart and Amazon have paved the way by developing significant IT infrastructure for gaining these levels of visibility. A growing number of established technology companies and startups are entering the space, offering a wide range of solutions. In some cases the expertise behind the solutions comes from the financial services sector, where risk management methods are thoroughly developed.

Unique profile

Given the complexity of modern supply chains, however, the risk profile for each company tends to be unique. Furthermore, supply chain risk is not just about probability that an event will occur, but also about the costs of responding to and recovering from the incident. Overall evaluation requires considerable experience and expertise specific to the company’s supply chain.

Supply chain risk is difficult for outsiders to assess. “Even insurance companies do not know how to evaluate supply chain risk,” says Tang. “Insurance companies are very good at assessing your property risk and your risk within four walls. But when it comes to supply chains, it’s difficult for them to insure because they don’t know your supply chain structure.”

“To evaluate a risk, you have to understand the risk,” says York University Professor David Johnston, who heads the George Weston Ltd. Centre for Sustainable Supply Chains at the Schulich School of Business, “and that’s sometimes a tactical thing. If you want to understand what happens when there’s a snowstorm and your distribution network is disrupted, you have to understand what happens during that.”

Not theoretical

Risk management can’t be merely a theoretical exercise – companies will need to work with their front-line employees to understand the potential impact of disruptions, and develop and maintain tactical mitigation strategies. Undertaking such efforts, which are likely to be significant, will be a tough sell in many organizations.

“We don’t traditionally…play defence – we prefer to play offence,” says Johnston, “and risk management is defensive. If you’re doing your job, no one ever hears about what you did. But when a really bad thing happens, of course, then everybody says, ‘how come you weren’t prepared for this?’”

A case in point is that formal disaster recovery plans are often neglected. “A lot of companies do have contingency plans or disaster relief plans or emergency plans,” says Johnston. “Sometimes it’s required by law. But if you ask when a plan was last revised, it’s sometimes years ago. And if you ask when it was actually tested or practiced in a simulation, it’s sometimes never.”

Reducing vulnerabilities

Looking ahead, many companies and governments are considering alternatives to the global approach that has been the de facto standard for the past thirty years. Global supply chains are very effective under stable conditions, but are highly vulnerable to what are often called black swans – events that are highly improbable but have severe and wide ranging impact.

“I think people need to realize that the global supply chain has certain value in a very stable environment when there are no political issues, when there’s no pandemic, when there’s no climate change,” Tang says. “But now the world is changing, and I think that it’s safer to operate in a more hybrid environment. You still need some global elements to maintain the cost structure, but then you also need some regional entities, at least to secure your short term needs. I think it’s safer that way.”

The first step for many companies is diversification to reduce their dependence on a single country, typically China. Vietnam is becoming a popular alternative, Tang says.

Many companies that offshored their production are now reversing that process and bringing production to their own facilities. “It’s shifting back,” says Tang. “Before everybody wanted globalization, but now the new term is deglobalization.”

“All the things that have happened in supply chains – the delays, the challenges, etc. – have really put the spotlight on corporate weakness in those areas, especially around supply chain parts that they don’t own or control directly,” says Dodge. “So there’s a feeling, ‘Don’t we wish we had more of our own supply chain under our own control? Then maybe we wouldn’t have all the problems that we do.’”

Bringing operations home

The reshoring trend is also seeing government efforts. In the 100 Day Supply Chain Report, a U.S. presidential task force came up with a series of recommendations for reversing the decline of U.S. manufacturing capabilities.

Nearshoring, or bringing production to nearby countries, is another option for reducing vulnerabilities. Tang cites a recent example where an American clothing manufacturer that had previously outsourced production to China now has the fabric shipped from China to a sewing operation in Mexico. The result is a more reliable supply chain and, thanks to free trade agreements, a more economical arrangement.

Nearby countries are also easier to monitor for ESG (environmental, social and governance) compliance. “If you outsource to U.S. or Mexico, you can go there and easily keep track of exactly what they’re doing,” says Tang.

Tang believes that the recent merger between Canadian Pacific and Kansas City Southern railroads creates a significant opportunity for Canadian companies to bring production closer to Canada, leverage North American free trade agreements, and also reduce dependence on the overburdened Vancouver port.

“Canada should take advantage of this,” says Tang. “Now there’s one railroad that goes all the way from Canada to Mexico. This will really change the landscape of ground logistics.”

Building risk-smart organizations

The re-thinking of global supply chains will entail a steep learning curve for supply chain operators. Technology will help, but human experience and innovation will be the driving force.

“Our hope is that organizations invest in people at the same rate that they’re investing in technology to understand what the technology is telling them,” says Eshkenazi, “and to be able to discern what the most important data is for them to make the decisions for their organization.”