Supply chain leaders and chief risk officers will want to reassess their global supply chain risks and risk management efforts, following the Chartered Institute of Procurement & Supply’s latest quarterly Risk Index.

Developed in collaboration with Dun & Bradstreet, the CIPS Risk Index is comprised of the individual assessments of 132 countries that make up at least 90 percent of global economic activity. The individual country scores are then aggregated to calculate a global supply risk score.

The CIPS Risk Index scores each country by providing a comparative assessment of cross-border risk. The ratings are divided into seven bands, ranging from DB1 (lowest risk) to DB7 (highest risk). Each band is subdivided into quartiles (a-d) with an ‘a’ designation representing slightly less risk than a ‘b’ designation, and so on.

Using the CIPS Risk Index, global heat map, and accompanying “Country Risk Line” and “Country Insight” reports, for example, supply chain leaders and chief risk officers can better:

Evaluate supplier business continuity plans;

Set the agenda for discussions with Tier 1 suppliers about emerging supply chain risks;

Assess and mitigate against supply chain disruptions to help focus business-continuity planning and decision making;

Communicate the risks of sourcing from new suppliers in new countries; and

Weigh price considerations against an informed perspective of macro supply risks.

Overall, the CIPS Risk Index score revealed that global supply chain risks—natural disasters, political instability, unstable commodity prices, civil unrest, and more—continued to climb for the fourth straight quarter. The overall global supply risk score rose to 81.6 for the period July through September 2016—the highest level since 2013—up from an overall score of 80.8 in the previous quarter.

Turning this data into actionable intelligence is fundamental, says Ian Scholler, head of corporate delivery at CIPS. By having a finger on the pulse of where suppliers sit geographically and the types of political and geopolitical risks they are facing in their respective regions, supply chain leaders can better gauge the efficacy of their supply chain resiliency, he says.

Enjoy full access to Compliance Week's Digital Edition, a faithful reproduction of our monthly print magazine—conveniently online. Subscribers can browse, print, and download issues back to April 2013, add annotations, search by keyword, and more.

Now more than ever, supply chain leaders have a crucial role to play in serving as “guardians” by leading companies through these difficult times, Scholler adds. “I can’t stress enough the importance of looking outwardly from the organization to what is happening in the marketplace,” he says.

Country-by-country risk. Among the countries that scored highest on the CIPS country heat map—and, thus, those that posed the lowest risk to operations—include Denmark, Norway, and Sweden. Other regions of the world that fared well include the United States, Canada, Finland, and Australia. The highest risk scores—and, thus, those that pose the highest risks to operations—are concentrated in the Middle East, Sub-Saharan Africa, North Africa, and Latin America.

Increasing barriers to trade developments, in part, are significantly contributing to the overall increase in global supply chain risk, the CIPS Risk Index stated. According to the World Trade Organization’s latest report, 154 new trade-restrictive measures were put in place during the review period, mid-October 2015 to mid-May 2016.

This figure amounts to an average of 22 new trade restrictive measures per month, up from an average of 15 measures per month recorded in the WTO’s previous interim report. It’s also the highest monthly average of trade-restrictive measures registered since 2011. The total number of restrictive measures in place today stands at slightly more than 2,100.

Trade deals are especially under threat in Western Europe, due to uncertainty around the post-Brexit relationship between the United Kingdom and the European Union. In the United Kingdom, for example, the resulting currency volatility is already having an effect on British companies, as suppliers start to push up prices in reaction to the weaker British pound, according to CIPS. “The situation is rosier for British exporters, however, who are becoming more competitive as a result of the depressed pound,” CIPS said.

Supply chains will not fully experience the effects of Brexit until the first quarter of 2019, the earliest date by which the United Kingdom will exit the European Union. Post-Brexit, however, CIPS said it anticipates “severe changes to tariffs, and we advise customers to closely monitor negotiations between the EU and the United Kingdom.”

“I can’t stress enough the importance of looking outwardly from the organization to what is happening in the marketplace.”
Ian Scholler, Head of Corporate Delivery, CIPS

Elsewhere in the world, many countries in Eastern Europe and Central Asia “continue to face numerous risks, including persistently weak commodity prices, geopolitical tensions, and domestic political instability,” the CIPS Risk Index states.

On the economic front, the index notes that oil-exporting nations—Russia, Kazakhstan, Azerbaijan, and Turkmenistan—continue to face ongoing weak oil prices, which is driving governments in these countries to reduce their investment spending. “In turn, this is raising supply chain risk as businesses suffer from cash flow difficulties, a deterioration in payment performance, and an increased risk of bankruptcy,” according to the CIPS Risk Index.

Weak oil prices are similarly raising supply chain risks in the Middle East and North Africa (MENA). Furthermore, civil wars in Iraq, Syria, Libya, and Yemen have all but eliminated global supply chains in those regions, CIPS said. “Thus, the elevated security risks across the region will ensure supply chain risk remains high for the remainder of 2016 and well into 2017,” the risk index noted.

In the Asia Pacific region, the bankruptcy of Hanjin Shipping, the world’s seventh largest shipping company, in South Korea left some 540,000 container units and at least 18 bulk cargoes on more than 80 ships stranded at sea and denied access to ports, with no funds to pay for the discharge of cargoes worth up to U.S.$14 billion.

Hanjin also was carrying containers from alliance partners and other carriers. “The bankruptcy is likely to have wide-ranging impact on trans-Pacific and Asia-Europe supply chains,” CIPS noted, adding that its collapse also will have wide-reaching effects on U.S. West Coast port and trucking logistics going into the fourth quarter.

In Latin America, ongoing recessions in Brazil, Venezuela, Argentina, and Ecuador are “depressing aggregate regional growth,” and in Sub-Saharan Africa, “domestic demand fails to pick up the slack caused by lower commodity prices and non-economic factors like drought and political insecurity,” CIPS said. Such events have contributed to a worsening overall risk score in these regions of the world.

All of these events are just to mention some of the largest global supply chain disruptions; they don’t take into consideration the many smaller—but equally impactful—disruptions that can affect a company’s day-to-day operations like, say, a power outage in a remote region of the world.

Risk management. Putting the CIPS risk index into context, good supply chain risk management today isn’t so much about eliminating risk altogether—a nearly impossible task—as much as it’s about bolstering resiliency in the supply chain. Supply chain leaders are achieving this in a number of ways, including by gaining greater visibility across the supply chain, improving collaboration between business functions and externally with suppliers, and monitoring adverse events in near real-time.

Companies with large, globally complex supply chains tend to be more proactive and are leading the way in terms of their investments in supply chain risk management, whereas many other companies are in the early stages of adoption. “We are seeing an awakening across all size organizations,” says Bill DeMartino, general manager of North America at riskmethods, a supply chain risk management firm.

“Everyone is doing something today,” DeMartino adds. “It’s just a matter of how robust, how comprehensive, and how deep into the supply chain they are actually looking.


Below is a look at the CIPS risk heatmap.

Often, supply chain leaders and chief risk officers will focus on a company’s highest risk areas to assess where they may be exposed from a risk standpoint, “but really there is risk around every corner in every neighborhood in every part of the world,” said Jay Traficane, senior director of supply chain at golf equipment company Acushnet, the parent company of Titleist.

“Whether we want to acknowledge it or not, as supply chains become ever more global, risk is increasing,” Traficane added. Even in the most stable geographies across the most stable and reliable suppliers, he said, “it’s not a matter of if a supply chain disruption will happen, it’s a matter of when.”

A best-in-class supply chain risk management strategy is one that proactively plans for disruptions, or, even better, one that uses advanced predictive analytics to assess what disruptions could occur down the road. The overall idea is that when disruptions occur in the supply chain that demand an immediate response the company will have thought about its strategy well beforehand so that it doesn’t get caught off-guard.

Case study

During a recent webinar on supply chain risk management, sponsored by riskmethods, Traficane shared what lessons Acushnet learned in the process of implementing its supply chain risk management program, the pitfalls they ran into, and where its program stands today.

The first attempt at implementing the program, Traficane explained, began with looking at all of the company’s Tier 1 suppliers for all of the company’s major components from a variety of different angles, including:

Market availability (i.e., single-sourced, dual-sourced, or multi-site);

Difficulty of substitutions: number of qualified materials;

Political climate;

Quality history; and

Whether the supplier had a mitigation program in place.

“We tried very hard at first to create this very complex matrix, and we graded a lot of materials across a very diverse supplier base,” Traficane said. With more than 15 distribution centers and 10 factories, this task naturally took “painstaking amounts of time” over more than six months to get what was thought at the time to be a complete list and risk profile for all the company’s materials. “At the end of all this, we felt good about it,” he said.

They felt good about it, that is, until 2011, when a catastrophic Tsunami struck Japan. “That was the first real test to see how well we had planned for risk mitigation,” Traficane said.

The matrix showed that only one major supplier would be impacted, “so we started putting in risk-mitigation activities at that supplier,” Traficane said. As the days wore on, however, it became increasingly clear that “we still did not, even after all the work, have a view into the extent of the impact of our supply chain,” he said.

The underlying problem: The supply chain risk management program that Acushnet had in place at the time was completely manual, Excel-based sourcing and calculations, which made the whole process “very complex and extremely labor intensive,” Traficane said. “We had built this great matrix, but it was a beast, and it was hard to feed and keep updated.”

Because of the manual nature of the program, too, many Tier 2 suppliers that had been affected by the Tsunami in Japan had not been mapped at all. What happened, as a result, was that information “trickled in from a variety of different sources,” sometimes weeks later, Traficane said.

The manual nature of the program also made real-time monitoring impossible. Relying on Google alerts or waiting to get notifications from suppliers on everything that’s happening in every region of the world “frankly, is just not practical,” Traficane said.

Through the benefit of hindsight, Acushnet realized its supply chain risk management program was not as bullet-proof as originally thought. “So we went back to the drawing board. We spent a long time trying to tweak, rebuild, reconfigure, and streamline the existing program,” Traficane said. “We knew we needed a more comprehensive and automated solution. We knew we could not get to where we wanted to be strictly by managing it in-house.”

That’s when Acushnet reached out to riskmethods. By implementing an automated solution, Acushnet is now able to monitor its entire supply chain—both Tier 1 and Tier 2 suppliers, facilities, shipping and receiving ports, and more. “When completed—and this is an ongoing activity—we will have complete global supply-chain visibility and risk monitoring throughout the entire supply chain,” Traficane said.

With the riskmethods software, all risk types are taken into account: supplier risks (e.g. compliance, financial stability, quality); location risks (strikes, natural disasters); country risks (political risks, sanctions); and category-specific risk (import regulations).

Following a risk event, an early warning system sends alerts via e-mail or as a push notification to mobile devices. Being able to get real-time alerts … has been something that has really transformed the way we monitor risks,” Traficane said.

Good supply chain risk management isn’t something that can be done once, and then forgotten about. “The journey never ends,” Traficane said. As global supply chain risks continue to evolve so, too, must your risk management program and risk mitigation efforts.