Structural reform

A staggering array of risks continue to threaten supply chain continuity globally. Joint and mutually beneficial strategies, including real-time cargo tracking, asset health management and big data are among some of the more innovative approaches to mitigating supply chain interruption. Helen Yates reports

Large-scale events like the Tohoku Earthquake and Tsunami and Thai floods of 2011 have pushed supply chain risk firmly onto the boardroom agenda. In recent years the physical damage wrought by earthquakes, floods and volcanic ash have closed down transport networks, factories and industrial estates, ripping through global supply chains, causing loss of productivity and loss of revenue across a diverse range of industries.

But it is not always the big natural hazards that reveal the vulnerabilities in today’s global supply chains. In 2012, a fire in the small town of Marl in the west of Germany had an inconceivable impact on the global car industry’s supply chain. The Evonik Industries’ plant was a critical supplier of a resin used in the braking and fuel systems of cars; when it was put out of action, that shortage led to a crisis in the car industry.

Such events have shaped the risk management and business continuity profession’s approach to supply chain risk. “I don’t think any company operates in isolation anymore,” says Caroline Woolley, EMEA property practice leader at Marsh, and leader of its global business interruption centre of excellence.

“It used to be that you may have one location in one country and you would feel relatively protected. But now even small businesses can have global value chains.”
“Online retailing means they are often attracting a global customer base, and even if they use local suppliers – those suppliers are no doubt using far reaching suppliers further down the chain,” she continues. “They are therefore part of a complex value chain which means they are exposed to much more risk.”

“As companies have focused more on their core competencies, the increased outsourcing means there’s such an increase in reliance on those suppliers, and those suppliers are also focusing on [their own] core competencies, so they are drawing in from many different suppliers as well,” she adds.

Part of the problem is that manufacturing processes devised over half a century ago were never designed for current realities. “When manufacturing embraced the supply chain concept it was all pretty much run by Toyota and they had a very good vision in terms of their lean manufacturing and just-in-time, but the supply chain was very localised,” says Jonathan Salter, global consulting director at RSA.

“As the world has become much smaller and globalised we’ve seen some fairly catastrophic supply chain failures,” he continues. “A small interruption can have a disproportionately large effect on the supply chain. And because people have got used to outsourcing you get suppliers who have become experts in supplying manufacturers and this means there is a convergence of risk at particular suppliers.”

The Business Continuity Institute has carried out a supply chain resilience survey since 2009, last year polling 2,639 organisations in over 105 countries. It shows that not only are supply chain disruptions becoming more prevalent – with over three-quarters of organisations reporting at least one incident each year – many of the causes of disruption are non-damage in nature.

Among the top ten causes of supply chain interruption in the 2014 survey are unplanned IT and telecommunications outage, loss of talent/skills, new laws and regulations, cyber attack, data breach, industrial dispute and exchange rate volatility. Cyber risk is a particular concern for many risk managers, given the potential for a wide-ranging attack to take out systems globally.

“There’s a lot of variation year-on-year in the survey, but there are more concerns now about information security and intellectual property if you’re outsourcing to countries where IP is not as important as it is in Europe or the US,” says Lyndon Bird, former technical director of the BCI.

“Deliberate physical attacks have almost by their nature a limited geography,” he continues. “We’ve had plots to blow up several aircraft simultaneously but, by and large, to manage things beyond a restricted geographical area is almost impossible to achieve with of physical attacks. But for cyber [risk], clearly there is potential for a wide-scale attack on a country or a whole region.”

Building better supply chains

Risk and business continuity management are inevitably a big part of dealing with supply chain risk. By marrying the two disciplines, organisations should be able to map their supply chains and identify vulnerabilities, such as overreliance on a critical supplier or too many suppliers in the same location. Gaining insight into these exposures is a starting point from which to build contingency plans.

“There is a trend where the informed risk managers are really considering the supply chain as their own risk,” says Salter. “Your educated risk manager is really getting to grips with business continuity management – and a lot of the drivers for understanding supply chain come back to business continuity management and understanding where your pinch points are. It doesn’t matter if that’s a risk you control or a risk outside your domain, that instantly becomes a problem for the risk manager.”

In a world of the unpredictable, companies are advised to have more than just a plan B. When the Tohoku earthquake and tsunami devastated Japan in 2011, several Japanese companies moved their production to Thailand to negate the strong yen and power shortages. But then came the Thai floods, impacting around 450 Japanese manufacturers and causing yet further supply chain disruption.

“You can’t be over reliant on one supplier in one part of the world just because it happens to be potentially the most efficient and cheapest supplier,” says John Abbott, a partner at Ernst & Young. “You’ve got to mitigate your risks, so you’ve got to have a plan B and a plan C.”

“It’s much easier to deal with the basics than shift your whole distribution network to say a new country or to have a second back-up distribution network in a second country,” he continues. “But I think companies are starting to invest in that and build those contingency plans, but it’s a big capital investment and it takes time.”

Cost is a major hindrance, of course. Not all organisations are able to dedicate the resource required to accurately map their supply chains and conduct regular onsite visits to discuss business continuity planning. These challenges are felt all the more keenly at a time when many Western economies are just coming out of recession.

And while boards are undoubtedly paying more attention to supply chain risk, the business arguments for outsourcing and lean manufacturing remain just as persuasive as they have always done. “It’s always a fine line between the economic benefits that just-in-time or lean manufacturing can bring you as opposed to the risks,” says Salter. “But it’s almost inconceivable now that you would have industries with warehouses full of weeks’ of component supplies that you need to keep your production line running.”

Onshoring or reshoring has become a hot topic with one in six UK manufacturers bringing production back from overseas, according to a survey by the government’s Manufacturing Advisory Service. But these decisions too are more often commercially driven as oppose to conscious risk mitigation, thinks Bird.

“Change is in the right direction but what’s motivating it is still the traditional drivers which are financial and commercial,” he says. “The reason [the US has] taken an enormous amount of manufacturing back onshore is because…energy prices are cheap, not because they’ve decided it was too risky have it offshore.”

Passing the buck

The approach of many firms that continue to outsource overseas is to try and pass responsibility for the risk onto the supply chain, requesting business continuity guarantees in service level agreements. But this is missing the point, thinks Bird. “If they fail, so what? You’ve still got the problem. What you need to do is jointly have strategies and plans so if you or your supplier has an interruption you will be able to provide mutual support to each other.”

This is the approach taken by Network Rail, one of the first rail companies and only the 13th in the UK, to achieve BS 11000 – the British Standard for collaborative working. “What companies should do is sit with core suppliers and say, ‘as a collaboration between us how do we guarantee overall business continuity? Can we work with you and build an integrated business continuity programme rather than dumping it on you to deliver?’,” adds Bird.

Another company taking an innovative approach to dealing with its supply chain risk is US telecom giant AT&T. It is harnessing the Internet of Things and big data through its Cargo View software which provides real-time cargo tracking and sends data on the health of the asset in transit (such as temperature and vibration).

Natural hazard maps, such as Munich Re’s Nathan tool, offer an accessible and detailed overview of suppliers’ potential catastrophe exposures wherever they are in the world. RSA and others offer applications to help clients manage their global risk engineering data, including that of their suppliers, including an in depth review associated with specific sites.

And by allowing devices to talk to each other in the right way the IoT can help supply chain professionals in numerous ways. Among these are ensuring temperature stability (useful given around a third of food perishes in transit each year according to the Food and Agriculture Organisation of the United Nations (FAO) and managing warehouse stock.

“Because there is much more data around and because there are more sophisticated data and analytical techniques we see much more of that,” says Abbott. “Where major retailers have big freezer units it’s now much easier to work out when they are empty or full, so you can really start to make your supply chain much more efficient. We see an increasing trend to use data and analytics in a remote way to really understand what is happening in your supply chain. Which obviously makes it much more efficient and effective over time.”

This article was published in the May 2015 issue of CIR Magazine.

Download in PDF format

Click here for more interviews and analysis

Contact the editor

    Share Story:

Recent Stories

Cyber physical risks
Property damage as a consequence of cyber attack is often excluded from standard property policies, but as the industrial internet of things expands, so too do the risks. This podcast examines the evolving threat landscape. Published October 2021

Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021