How Cloud-Based Procurement Networks Aid in Real-Time Risk Management

As supply chains become increasingly global, the ability to manage associated risk across geographic boundaries and time zones is fast becoming a top priority for organizations around the world.

Tony Harris

As supply chains become increasingly global, the ability to manage associated risk across geographic boundaries and time zones is fast becoming a top priority for organizations around the world. While risk management isn’t new, the sense of urgency behind how they approach it is new to suppliers. Driving this urgency is:

  • An incident involving a supplier that may have caused reputational damage
  • The desire to gain visibility into potential supply chain disruption in order to anticipate and ideally prevent it
  • New legislation mandating that companies “know your suppliers” better

The benefits of outsourcing certain functions to third parties are well-known, but outsourcing can accompany significant risk. The primary responsibility of risk and category managers is to identify and mitigate it. Though the task may be daunting, in today’s connected and data-driven world it can be accomplished effectively.

A wide variety of vendors provide content services designed to help companies assess supply chain risk. There are companies that perform compliance screenings and check third parties against various government watch and sanctions lists. Then there are those who evaluate “green” credentials with small and minority-owned businesses. There are providers who monitor an organization’s IT infrastructure to determine the likelihood of a breach that could expose sensitive information.

While these vendors focus on distinct aspects of risk, they share a common denominator: information. Managing risk of any type hinges on data, shedding light on one’s suppliers, their suppliers and their suppliers’ suppliers.

Yet many companies store mission-critical data across various information systems that don’t necessarily “talk” to each other. As a result, a company’s third-party risk can be challenging to assess and mitigate. Companies must evaluate:

  • How long have we been trading with a particular supplier?
  • What has been its performance to date concerning product and service quality and on-time delivery?
  • How many contracts do we have with the supplier, and do the terms remain optimal given changing marketplace conditions?
  • Do we have any large purchase orders about to be placed?
  • Is the supplier’s profile information up-to-date, including details on insurance and other certificates? Have these been validated?
  • Does the supplier have in place a sufficiently rigorous governance framework to detect and root out slavery, child labor and other reputational risks from its upstream trading partners?

How can organizations collect all this information and gain a single, real-time view and determine and manage associated risk?

Networks can be an invaluable place to start. Social networks have revolutionized the way we shop, share and consume. Likewise, business networks have made it just as easy and transparent to conduct business with a partner on the other side of the world as with one across the street.

However, networks are more than just connecting companies, people and processes. Their real power lies in what goes on inside them — all the interactions, transactions and collaboration — and the massive amounts of unstructured data these activities generate. With business networks, companies can gain a whole new level of transparency into the capabilities, performance, social and environmental practices of their trading partners.

Aided by artificial intelligence and machine learning, cloud-based applications can help companies to map the bill of materials for products and services right down to their raw inputs. Companies can cross-reference this information with global hotspots where a propensity may exist for forced labor, human trafficking or inhumane working conditions. More importantly, companies can receive timely alerts they can use to mitigate risk as it arises. These cognitive insights arm businesses with the foresight to prevent not only reputational risk but operational risk, such as bottlenecks in the supply chain that organizations can identify and rectify before they arise, thus ensuring smooth operations and enhancing customer satisfaction. Meanwhile, as automated procurement solutions take on many of the function’s day-to-day tactical activities, they free up professionals to focus on strategic priorities such as shoring up supply chain resilience, shielding the brand from third-party risk and spurring new sources of innovation. As digital technologies reshape the way businesses work together, procurement is evolving from its historic role of generating cost-savings to fostering collaboration, driving much of the strategic value that fuels growth.

A procurement network is only as useful as the data it brings together in real time. A stand-alone procurement system, no matter how elegantly designed or intuitive to use, offers limited value if it fails to “talk” to the enterprise resource planning (ERP) or other mission-critical software running alongside it. A business network for procurement must be nimble enough not only to “talk” with one ERP system but to carry on multiple “conversations,” simultaneously, with different ones managed across far-flung business units. Procurement professionals typically grapple with a range of unique constraints requiring that the networks they rely on be customized to exacting specifications. So, any source-to-pay system must be versatile enough to operate in concert with disparate enterprise systems, yet flexible enough to tailor to a business’ complex requirements. Some organizations have over a hundred points of integration between procurement and ERP systems. A customized digital solution built on a cloud-based network aims to achieve a snug fit between them all.

Implementation is the process by which a network achieves this seamless fit. The complexity of an implementation involving integration with one or more ERPs varies widely according to an organization’s unique objectives, the number and nature of its points of integration, and the internal change-management efforts needed to promote adoption. This last point is crucial, because technology alone can never achieve an organization’s desired results without internal training and willingness to embrace it. Successful implementation of a business network requires behavioral change in equal measure to technological change. This success depends on regular, candid dialogue with the business network provider to set expectations, define intended outcomes, ensure satisfaction and manage risk across the value chain.

When it comes to risk, what you can’t see can absolutely hurt you. Knowledge is power, and with the help of business networks and the technology underlying them, companies can effectively harness data to peer into the future and shape it to their advantage.