In the present-day business world with its highly sophisticated supply chain system, it is impossible to make decisions without taking into consideration the risks that emerge in this intricately organized environment. Logistics and supply chain management have become integral parts of any business (Monczka, Handfield, Giunipero, & Patterson, 2016).
A typical supply chain includes three main junctures: factories where the materials are extracted and goods are produced, warehouses that are used for storing purposes, and target retailers for whom these goods are meant. To provide a better service with minimum associated expenses, supply managers have to maintain the successful interaction of all the participants at each level of the supply chain.
Thus, supply chain management combines several approaches that are applied to integrate producers, warehouses, and customers. All the supply strategies involved are designed to ensure that the product is distributed in the right quantity to the right destination at the required time, thereby satisfying customers’ requirements (Ganesan, George, Jap, Palmatier, & Weitz, 2009).
In the modern business environment with steadily growing demand and customer-oriented policy, suppliers are faced with a challenge to go beyond their boundaries in providing continuous supply excluding any possible outages to stay afloat in the conditions of severe competition. If there occurs a serious supply chain failure, the outcome for all parties involved is likely to be deplorable. For this reason, risk assessment is the primary concern of any supply chain team. It is also a perfect way to estimate and unite various kinds of data that can be encountered in the chain (Handfield & McCormack, 2007).
Even though globalization, which led to the extension of supply chains, provides suppliers with a lot of evident benefits, it can make the chain more vulnerable to failure. The earthquake and tsunami that happened in Japan in 2011 proved the ability of a natural disaster as a single event to cause entire enterprises to leave the market (Lee & Pierson, 2011).
Thus, the primary objective of the research at hand is to investigate what types of risks can undermine the successful operation of a supply chain and what can be done if an enterprise wants to mitigate those risks. The approach combing literary review and case study is chosen to exemplify how effective supply risk management can save a company in case of an outage, as well as how the lack of competence in defining problems and practices that are to be addressed can lead an organization to the total failure. It will touch upon associated problems that concern insufficient or low-quality supplies.
Different Types of Supply Network Risk and Ways to Identify Them
If we attempt to define risk in most general terms, it can be called a possibility of danger, failure, loss, damage, or any kind of other unfavorable financial, health- or life-threatening consequences (Rao & Goldsby, 2009). However, before passing on to the ways of avoiding these consequences, it seems necessary to give a brief overview of types of risks and ways to identify and assess them on time.
Supplier risk can be classified into a huge number of types, which vary in the works of different authors. The most popular approach is to divide risks into groups according to the potential impact that involvement with a particular supplier has on business and environment. The common types that are singled out are the following ones:
- strategic risk: interferes with the implementation of the major business strategy and disrupts all the inner processes of the company (Handfield & McCormack, 2007);
- operational risk: negatively affects organization’s processes (including manufacturing and supply), systems, and employees, which leads to comprehensive business failure (low-quality service and products, marred reputation, financial losses, etc.) (Rao & Goldsby, 2009);
- input risk: tells on the incoming flow of resources that are needed to perform this or that operation (Rao & Goldsby, 2009);
- customer risk: decreases the number of customers ordering goods; generally occurs for the reason of previous supply disruptions (Handfield & McCormack, 2007);
- asset impairment risk: emerges when an asset can no longer generate due income (Christopher, 2016);
- financial risk: implies that relations with a vendor hurt profit; usually caused by unpredicted cost rises or inability of a company to provide an adequate service (Christopher, 2016);
- competitive risk: is connected with the inability of an enterprise to stand apart from its business competitors providing better services at lower costs (Handfield & McCormack, 2007);
- reputation risk: often leads businesses to bankruptcy because of devaluation and subsequent loss of confidence (Handfield & McCormack, 2007);
- fiscal risk: results as a response to changes introduced to the system of taxation (Christopher, 2016);
- regulatory risk: can appear in the companies with changing regulations that have a drastic influence on business operations (Christopher, 2016);
- technology risk: results from unauthorized storage, sharing, use, misinterpretation, modification, recording or perusal of information and data systems (Rao & Goldsby, 2009);
- compliance or legal risk: arises from violating laws, legal regulations, and prescriptions in all possible manners (Rao & Goldsby, 2009);
- physical security risk: undermines the security of well being of employees, visitors, access points, and premises of the company (Rao & Goldsby, 2009);
- authorization risk: disrupts the process of people screening (Rao & Goldsby, 2009).
This is not the whole list of potential supplier risks, but, as we can see, each of them exists at a discrete level of an enterprise. It means that an organization must identify and manage them at the level at which they exist on time. In case low-level risks are found at high levels, it is required to make sure that risk management is implemented at all the junctures of a supply chain (Handfield & McCormack, 2007).
Different nature of risks at each level highlights the importance of identifying the context to select the most effective risk management strategy. Organizations must be able to evaluate how critical the component of a supply chain is and what consequences a change of supplier can bring about. Mapping supply-chain processes can help make proper decisions with each particular risk.
To draw grounded conclusions from the information at hand a company must answer two major questions:
- What are the chances that an event will occur?
- How significant the consequences and losses might be?
The first aspect is predetermined, in its turn, by two factors: the exposure of an organization to risk (i.e. the presence of conditions that provoke it), and the appearance of a trigger that sets it in action (can be both internal and external, i.e. can be caused by the company itself, or by factors beyond its sphere of influence).
Sometimes, they are referred to as direct and indirect potential risks (Ganesan et al., 2009). It is worth mentioning, however, that there is no universal classification in this case as some powerful enterprises are influential enough to be able to change market trends and policies, whereas others can only adapt to the new risk environment to survive.
As far as consequences are concerned, some of them can be anticipated and estimated rather precisely (it is especially relevant to cases that deal with law violations), while others are largely dependent on other circumstances that cannot be predicted (Waters, 2011).
Performing risk assessment, it is important to bear in mind that not all the possible losses are tangible and can be calculated and presented in figures. As it has already been mentioned above, risks can mar reputation, credibility, status, and customer trust. All these implications make the process of estimation more complex and the results of it less accurate (Handfield & McCormack, 2007).
The risk tolerance of an organization can be identified through the evaluation of real risk levels against acceptable ones (Christopher, 2016). If consequences of this or that risk seem to exceed risk tolerance, it means that a company must change strategies of risk management.
Acceptable levels of risk vary across organizations in the manufacturing of goods, service delivery, logistics, or other aspects. Moreover, risk tolerance may be different at each level of the same company. That is why some of the risks may be considered so minor that no buffering is applied to mitigate them, while others undermining the competitiveness are directly addressed using several techniques.
Factors That Allow Mitigating the Risk
Even though supply chain management has made considerable progress during the last decades, risk management still leaves much to be desired. However, there already exist strategies that can help prevent or mitigate risks. The most widely accepted are the following ones:
- Sharing information. A supply chain cannot operate unless effective coordination among its components is provided. Information sharing ensures trust, which is one of the pivotal constituents of successful performance. It has been proven by experiments, that real-time exchange of information on demands, delivery, inventory, and other conditions between the customer and the supplier can reduce the risks of misunderstanding and further problems that it brings about to minimum (Christopher, 2016).
- Agility. It is generally understood as the capacity of an organization to continue active participation in business processes despite the challenges presented by the constantly changing market conditions. It is important to understand that agility is a capability that must encompass all levels of the business including organizational structure, financial accounting, logistics, information systems, and even employees’ and employers’ mentality. The agility of supply chains makes it possible to satisfy customers’ demands in the shortest time possible and communicate with suppliers more effectively (Nishat, Banwet, & Shankar, 2006).
- Trust. It has already been specified that trust is one of the key factors in the interaction between suppliers and customers. The lack of trust can undermine the success of business operations. On the other hand, a high level of trust can create conditions that result in significant competitive benefits. Trust can be defined as a feeling of certainty that your partner will not breach the agreement even if there appear some unexpected and promising incentives, which may encourage him/her to do so to make a profit. On the contrary, he/she will do the utmost to ensure the long-term stability of the supply chain. Trust can rarely exist initially – in most cases, it appears as a response to consistency, reliability, and predictability of the partner’s actions over a long period. In the modern business world where deceit is rather common, it is hard for a company to establish its trustworthiness. It requires a continuous demonstration of interest and commitment to supporting the current relationship. Moreover, acquiring your partner’s trust often implies denying yourself some beneficial opportunities promising a quickly attainable profit. However, in the long run, supply chains that are built in the environment of mutual trust prove to be the most resistant to risks (Nishat et al., 2006).
- Collaboration. Establishing close collaborative relationships with major suppliers is another way of eliminating the risk. It presupposes the transition from negotiating favorable conditions for your company to the coordination of efforts. The collaborative supply chain is built with an emphasis on the interdependence of the parties involved. It leads to increased responsibility, quicker reactions, flexibility, and as a result – to reduced risks. However, partners must show a willingness to share them (Waters, 2011).
- Data security. Among all the data that a company controls, the information that is communicated through a supply chain is the most vulnerable to risks. It is subjected to theft, misuse, intrusion, fraud, and other illegal practices. Thus, it is essential to guarantee protection against external threats. Supply chain managers should implement various strategies to secure the data that they communicate to the customer and receive from him/her. This issue mostly deals with the successful application of IT (Nishat et al., 2006).
- Corporate social responsibility. Companies (especially those that operate at a large scale) must consider the influence they exert on the whole community that is beyond the market. Ethical and ecological issues are included in the list of factors that can trigger the risk. The need to make a profit must never eliminate these concerns. The main purpose of corporate social responsibility is to show the public that the activities of an organization do not threaten anyone’s life, health, or rights. The risk factors include child labor, excessive working hours, poor conditions, discrimination on a racial basis, environmental pollution, etc. Being parts of a supply chain, they can ruin a company’s image (Christopher, 2016).
- Alignment of incentives and revenue sharing. It is a wide-spread error of judgment among enterprises that maximizing their interests they also contribute to the quality of a supply chain. It is much more effective to distribute both risks and rewards fairly among member companies. The most difficult thing is to decide upon the way of sharing the revenue that would be agreeable for everyone (Nishat et al., 2006).
- Strategic anticipation of risks. Supply chain risks, no matter how sudden they may seem, can be predicted at the strategic level. Effective risk management is often dependent on the capability of an organization to elaborate contingency plans. This process includes two basic stages: identification and understanding of risks that threaten all companies in the field and determining the ways to adapt general strategies of supply chain risk management to suit a particular organization (Waters, 2011).
- Sharing risks and outcomes. Sharing rewards is rather common practice, whereas sharing risks seems to be more difficult. Managers must understand that if they want to mitigate potential threats, it is crucial to concentrate not only on their risks but also on those that other members of a supply chain may face. It means stepping aside from the direct risks to those that are less evident. Therefore, the models of risk management must be developed with the view of applying them to all the links of a supply chain. All stages of supply must be identified and thoroughly examined (Rao & Goldsby, 2009).
- Increased awareness. However simple it may seem, but gaining detailed knowledge about the risk can give quite significant results. In many cases, managers cannot manage risks because they do not know how to classify and approach them. There exist four main categories of risk: political, economic, terroristic, and other risks. It is impossible to choose an effective risk-reduction strategy without determining what type of risk you deal with (Rao & Goldsby, 2009).
- Unceasing analysis and evaluation. Business environments are not stable. Even the slightest changes in political or economic situation can have an enormous impact on the whole supply chain. A company should learn to see indicators of possible risks and develop tools that can prevent it in the process of assessment. It is quite a challenging task to take into consideration all the events that can provoke disruptions. However, only ongoing analysis can secure the future of a supply chain (Waters, 2011).
Contingency planning is mostly associated with natural cataclysms such as tsunamis, floods, tornadoes, fires, etc., though not only disasters can bring about confusion and disorder in a supply chain. Any unpredicted event can cause irretrievable consequences. This necessitates contingency planning as an important business activity (Tomlin, 2006).
Creating a contingency plan must start from a careful risk assessment. It is advisable to perform it using the following guidelines:
- estimate all business-related operations: an effective plan does not neglect any operation that can affect the outcome;
- identify existing risks: outline all the potential threats and estimate which of them are the most dangerous;
- prioritize risks: do not plan too much – not all situations are even possible and not all potential risks are worth additional expenses (Tomlin, 2006).
Developing a contingency plan, one should also remember that people are very unlikely to be enthusiastic about creating Plan B as they made a lot of effort to ensure the success of Plan A. Besides, most of the risks are not very probable, which accounts for the fact that planning is not perceived as an urgent matter up to the moment when a crisis emerges.
When a manager starts preparing a contingency plan, he/she should observe the following guidelines:
- business operation maintenance is always a primary goal; one should remember that the main task is to deliver service and functionality under any circumstances (Tomlin, 2006);
- the period must be defined; anyone who uses the plan must be aware of both short- and long-term goals (Christopher, 2016);
- the trigger should be identified; it must be evident what leads to the plan implementation, what actions are required at each stage, and who is responsible for what (Waters, 2011);
- the plan is better to be simple and clear-cut; plain language can be understood by anyone who may happen to read the plan and consider its practical application (Tomlin, 2006);
- possible restrictions have to be accounted for; it is desirable to estimate whether the plan will inevitably restrict the company’s capabilities or they will remain the same (Tomlin, 2006);
- the needs of everyone involved in the process must be taken into consideration; all the employees should have what they need to perform their work (Rao & Goldsby, 2009);
- success should be defined to understand what conditions are necessary for further business development (Waters, 2011);
- a contingency plan must be a part of other procedures; basic training is required for everyone to be aware of the plan (Tomlin, 2006);
- risks must be predicted; if it is possible to eliminate or reduce risks, the plan should do so (Tomlin, 2006).
Even so, it is not enough to develop the plan – it must be kept relevant through regular updates and upgrades as every business changes rapidly nowadays. To maintain the plan, one should:
- communicate its particulars to every employee in the company;
- inform everyone of his/her responsibilities and explain to them the importance of their roles;
- ensure the basic training to teach people necessary skills;
- conduct educational drills imitating real disasters;
- regularly estimate the results to introduce changes;
- review the plan every time a new technology appears;
- discard old versions of the plan and distribute the up-to-date ones;
- always have additional copies of the plan in-store;
- reassess existing and potential risks and correct the plan following the results (Tomlin, 2006).
Contingency planning is often ignored in the fast-paced modern business environment simply because there is no time to elaborate on it in detail. However, if managers devote their time and effort to it, they will guarantee quick and effective recovery from any disaster and minimize financial and other losses that it causes.
The Effects of Not Having Quality or Quantity Supplies
In case an organization fails to develop a contingency plan and thereby undermines its ability to manage supplier risks successfully, it leads to dangerous consequences. One of the most likely prospects is running out of supplies or a gradual transition to low-qualities supplies (Waters, 2011).
Managing supplies is the pivot of any business because without any quality goods to sell a company simply has nothing to do. That is why if a supply chain fails, it often brings about bankruptcy caused by running out of necessary stock. However, this is an extreme case. Other adverse effects of not having quality or quantity supplies include:
- Fall of customer satisfaction levels. Customers may demonstrate a high level of patience and understanding in cases of emergency but in general, they want their orders to be delivered in the shortest time possible without any delays connected with the lack of supplies. All companies are customer-oriented, which implies that an organization cannot stay afloat unless it can guarantee timely and high-quality service (Christopher, 2016).
- Damaged reputation owing to inaccuracy. Inaccuracies usually happen when a company does not have enough goods to satisfy the customer’s needs and tries to supplement them with other goods hoping that the customer will fail to notice the difference in quality or quantity. Inaccurate order execution (even to correct the mistake as soon as the required materials arrive) may be regarded as cheating and can severely damage the company’s image (Handfield & McCormack, 2007).
- Broken loyalty caused by the lack of goods on demand. Every business strives to establish its customer base consisting of clients who come back because their demands are met quickly and correctly. When an organization runs out of supplies or starts substituting them with low-quality goods, it starts losing its loyal customers. Loyalty and habit are great powers but even so, quality and timeliness stand higher in the hierarchy of consumers’ values (Waters, 2011).
- Impossibility of timely returns on customer’s request. Commonly, if the customer returns the product because of its faults, it is better to replace it as soon as possible and to arrange the issue with the manufacturer afterward. However, if there are problems with a supply chain that made an enterprise run out of its stock, the customer has to wait until all the issues are resolved. It leads to dissatisfaction with service delivery (Waters, 2011).
- Affected morale of employees. Supply chain disruptions have an adverse impact not only on business operations but also on the morale of sales staff. It happens because the customer, who finds out that he/she cannot receive the necessary item, simply goes elsewhere with the same order. It provokes the feeling of insecurity in the sales team as they cannot promote the product without being sure that the company has it in the warehouse. Smart sales decisions become impossible under these circumstances (Waters, 2011).
Thus, running out of necessary supplies or switching to low-quality goods may bring about consequences that not every company can recover from. Some enterprises manage to regain their reputation, while others have to admit failure and cease to exist.
Companies That Had Suppliers Issues
Foxmeyer was the second hugest wholesale drug company in the United States, with profits amounting up to five billion dollars. This status was unquestionable until 1996 when Foxmeyer adopted a modern ERP system and a highly automated DC. It involved a whole number of carousels and conveyors for order delivery.
The technology was so promising that the company started to make contracts relying on further cost lowering. The first warnings appeared when the order processing system failed to cope with the number of orders. However, that was only a minor issue in comparison with the DC automation system that proved to be a catastrophe despite being the most modern automated facility in the whole country.
The system suffered from constant bugs in the software and a lot of money and labor forces were spent on fixing the problems. In some cases of system failure, orders were shipped partially to customers who later filed a lot of complaints. Shipping errors continued wasting the company’s money. The expected benefits never materialized. The whole supply chain turned out to be ruined making Foxmeyer file for bankruptcy. The company was sold to McKesson (Supply Chain Digest, 2006).
In 1999 online retailing was quickly gaining momentum. Toys R Us, the leader in the toy industry, attempting to advertise infinite capabilities of its online sector, promised to make timely Christmas deliveries of toys ordered by December, 10. As a result, thousands of customers placed orders online. Despite the normal functioning of the supply chain and rather modern inventory, the company simply did not manage to pack and ship all the toys quickly enough.
Some of its employees had to work 50 days straight but it was no use. A few days before Christmas, the company was forced to send shamefully “We are sorry” letters admitting its failure in delivering orders on time. Toys R Us managed to recover after the failure but had to reconsider its online capabilities (Supply Chain Digest, 2006).
Apple can serve as an example of a company that made the right conclusions from the bad experience and later prevented supplier problems using a contingency plan. When the company introduced a new line of Power Mac PCs in 1995, the demand was so high that the supply chain did not cope with it. The stock price had to be reduced. To avoid such losses, the company developed a highly meticulous plan of supplies years later when the iPod was introduced (Supply Chain Digest, 2006).
Supplier risk is an issue of paramount importance that should not be underestimated and that requires a comprehensive approach. There is no universal type of software solution that would be able to resolve all the problems connected with supply chains. Many of the aspects must be integrated with other levels of business, such as quality and compliance management, risk management, IT, design engineering, and many other departments.
The approaches to risk management may differ across companies (as well as the success of its implementation) but the significance of this activity continues to grow, becoming more and more influential in determining a company’s successful interaction with its customers.
Christopher, M. (2016). Logistics & supply chain management. Harlow, UK: Pearson Higher Ed.
Ganesan, S., George, M., Jap, S., Palmatier, R. W., & Weitz, B. (2009). Supply chain management and retailer performance: emerging trends, issues, and implications for research and practice. Journal of Retailing, 85(1), 84-94.
Handfield, R., & McCormack, K. P. (Eds.). (2007). Supply chain risk management: minimizing disruptions in global sourcing. New York, NY: CRC Press.
Lee, D., & Pierson, D. (2011). Disaster in Japan exposes supply chain flaw. Los Angeles Times.
Monczka, R. M., Handfield, R. B., Giunipero, L. C., & Patterson, J. L. (2016). Purchasing and supply chain management (6th ed.). Boston, MA: Cengage Learning.
Nishat Faisal, M., Banwet, D. K., & Shankar, R. (2006). Supply chain risk mitigation: modeling the enablers. Business Process Management Journal, 12(4), 535-552.
Rao, S., & Goldsby, T. J. (2009). Supply chain risks: a review and typology. The International Journal of Logistics Management, 20(1), 97-123.
Tomlin, B. (2006). On the value of mitigation and contingency strategies for managing supply chain disruption risks. Management Science, 52(5), 639-657.
Waters, D. (2011). Supply chain risk management: vulnerability and resilience in logistics. London, UK: Kogan Page Publishers.