Strategy is defined in the dictionary as “a plan, method, or series of maneuvers or stratagems for obtaining a specific goal or result.” Before the Covid-19 crisis, many thought of the world as deterministic. While there might be volatility or uncertainty in financial instruments leading to crises like the Global Financial Crisis, this was perceived to be separate from low levels of real volatility. Globalization increased monotonically, technology evolved, and the world seemed to have converged on profit-maximizing corporatism. The only shocks to the system came from contained natural disasters like tsunamis or earthquakes or floods. Even climate change was deemed to move in one direction.

In a regime in which volatility seemed limited or, at least, something the firm could hedge with the right insurance coverage, and one in which companies did not have any acknowledged responsibility to stakeholders other than their shareholders, then the target for strategy was simple: lower costs.

It is a cliché that the first place anyone seems to turn for cost savings is procurement. You see this in merger announcement press releases, in restructuring plans, , and in regular corporate presentations to investors. Companies announce that they will obtain procurement cost savings from vendor rationalization, the elimination of duplication, or even digital transformation.

In practice what did this mean for procurement?

It meant outsourcing much of a company’s supply chain so that only the final stages of value addition were performed domestically and internally. In the limit, companies would outsource research, development, and production, retaining only distribution.

It meant concentration of purchasing with a single vendor (or a small number of vendors) to obtain discounts driven by scale.

It meant offshoring to countries where the wage gap with the developed world had not yet closed.

It meant that the corporation ignored issues of social importance, like race and inequality. Milton Friedman’s dogma on social responsibility prevailed:

“… there is one and only social responsibility of business — to use its resources and engage in activities designed to increase its profits so long as it stays within the rules of the game, which is to say, engages in open and free competition without deception or fraud.”

As Warren Buffett is reputed to have said, “Only when the tide goes out do you discover who’s been swimming naked.”

Companies who focused on cost-minimization exclusively or primarily were self-insuring against risks they did not perceive, confident that all of their competitors were doing the same thing.

When the Pandemic lock-downs started to bite in the Spring of 2020, it was clear that the world was not deterministic. Economic losses due to lost revenue and higher costs started to roll in with the concurrent realization of multiple risks.

By outsourcing their supply chains, companies discovered that they lacked visibility into who was providing them with what. They definitely knew who their prime contractor was. They might know from whom their prime contractor sourced his inputs. But they almost certainly did not know who these sub-contractors sourced from and so on and so forth. This was critical because the points of failure were more likely to be located deeper in their supply chains. Without the ability to identify these vulnerable third-tier (and beyond) suppliers, it was even more difficult to mitigate risk ex post facto.

In concentrating purchases with a single vendor, buyers found that they had foregone the benefits of diversification for marginally cheaper unit pricing.

Many procurement teams found that they had weak relationships with alternative suppliers. Solvent alternative suppliers began to allocate limited capacity with an explicit preference for customers who had supported them before the Pandemic. The higher pricing that the ex-ante cost minimizers were forced to pay to access capacity ex-post ate into the accumulated profits from the pre-crisis salad days. After all, those prior savings were like the insurance premiums they had avoided paying for not purchasing the hedges that would have smoothed their results in the crisis times.

The Pandemic’s effects were not restricted to health and productive capacity; they also sparked geopolitical tensions as rivalries erupted in competition for positioning and resources. For those who had sourced from countries in the developing markets, they risked having their access to products they needed desperately limited, diverted, or delayed.

The effects of the lockdown combined with a series of tragic events to provoke a re-examination of the corporate social contract. Companies had to ask themselves, what were they doing to promote diversity and inclusion?

Naturally, the principal focus here was on hiring and internal advancement. But buyers have an even greater ability to empower diverse suppliers with contracts that help these typically smaller companies develop capacity, capabilities, and relationships necessary for sustainable wealth generation. How would perceptions about corporate behavior affect brand and, ultimately, revenue?

The lessons of the Pandemic are that strategy at the firmwide level is about managing the risk profile to maximize the upside and minimize the downside subject to resource constraints and that sourcing is an integral part of this strategic management of risk.

Most companies are (or should be) preparing Board-level discussions of how to revamp their approach to supply chain risk. Expect these to be discussed and debated intensely later this year and early next year now that we are through the most reactive phase of the crisis.

The first thing they need to do is to spell out the different dimensions of sourcing risk that they face with procurement. Here are just a few that could affect the value of the firm.

• Price: Have they obtained the best price?
• Supplier Concentration: Have they diversified and limited their exposure to individual suppliers?
• Geographic Concentration: Have they diversified and limited their exposure to individual countries?
• Subcontractor: Do they have visibility into the supply chain and have they taken steps to mitigate the risk associated with subcontractor suppliers?
• Inventory: Do they maintain adequate inventories for a variety of scenarios?
• Supplier Relationships: Do they have strong relationships with the best suppliers?
• Market Intelligence: Do they have access to real-time intelligence about potential supply chain shocks in their markets and sourcing locations?
• Revenue and Brand: How does the firm’s engagement with diverse suppliers affect its revenue? Is membership in supplier and diversity organizations sufficient, or will companies need to increase their direct engagement with these suppliers materially?

These risks (and potentially other risks specific to the individual buyer firm) bear upon the kind of technology solution the procurement department requires.

One solution is unlikely to span all these dimensions comprehensively. Firms need to have a procurement technology stack, combining several solutions each of which addresses a subset of the overall risks.

To date, digitization in these tools has preserved the antecedent analog business process with its one-buyer-to-many-suppliers transactional orientation. These software solutions were more about executing a simple process. They were not built to manage risk.

In planning digitization as part of the strategic re-engineering, Boards should think about ways in which they can get the information they need, when they need it.

This doesn’t have to mean pulling out the plumbing and starting from scratch. That’s a straw-man argument in favor of the status quo that becomes less feasible every month the world is mired in this new normal.

The ideal solution is going to have features from financial markets risk management software. That’s why we built EdgeworthBox. It’s a layer that sits in the procurement technology stack to augment the existing approach. Whether you’re using email and spreadsheets or you’re using a cutting-edge cloud-based source-to-pay functionality, EdgeworthBox can help you access market intelligence and a community of other users the same way that financial market participants do using structured data and communities. And we do it all while making things simpler, fairer, and faster for suppliers so that more of them want to engage with buyers, creating more options. Check out this video. Give us a shout. We’d love to talk to you about procurement.

Contact Us

Deloitte in its CPO Survey of 2019 argues that CPOs should eliminate complexity that “introduces risk and hampers procurement performance … where possible” while exploiting so-called “good complexity.” They see complexity as the catalyst for transformation of the status and influence of procurement.

“Complexity can be exploited to expand procurement’s influence beyond traditional sourcing-centric spend management toward a broader engagement model and service offering. This includes efforts to more broadly influence business stakeholders in strategic areas (e.g. capital expenditures, enterprise risk management), as well as to more deeply influence stakeholders through demonstrated leadership in areas such as corporate development.”

AT Kearney descries the disparate spread in outcomes between the haves and the have-nots, quantified by something they call the Return on Supply Management Assets score.

Those who get it right are two to three times as efficient as the average company and more than ten times as efficient as the weakest performers.

The overarching problem is that supply chain is not plugged into the C-Suite the way it should be.

“Procurement executives at the leading companies see themselves as strategic business partners. They are aligned with the CFO. They maintain strong credibility and visibility within the enterprise. And they work collaboratively with business units – not just to reduce basic costs, but also to evaluate trends and identify new drivers of value. As a participant at our CPO Roundtable explained, ‘CPOs get fired for not delivering high-impact cost reduction, and promoted if they also deliver strategic value that goes beyond cost reduction.’ … While 80 percent of leaders focus more than 70 percent of their procurement team on strategic activities, only 17 percent of other companies do the same.”

It may well be that strategic value is far more important than cost reduction. Procurement may be optimizing for the wrong objective.

Here’s Accenture on what they call the “strategic disconnect:”

“The strategic disconnect between supply chain and the C-Suite can have negative consequences. At many enterprises, the business as a whole simply doesn’t see the supply chain as a driver of differentiation and aggressive growth. Chief Supply Chain Officers, meanwhile, blame the absence of a clear business strategy, together with an inadequately skilled workforce, and incompatible legacy systems for their function’s failure to drive value.”

A combination of complexity and C-Suite bias means that most procurement departments lack the teams and the technology to do anything more than keep their heads above water, in a self-reinforcing cycle of tactical reaction leading to being discounted strategically. 

And that was before Covid.

Covid is an opportunity for procurement (as part of a broader supply chain organization) to reset its relationship with the rest of the enterprise, but particularly with the C-Suite. To do so, they will need to emphasize two lessons:

• Procurement is risk, not cost: We have written about this elsewhere. Cost minimization is indistinguishable from a conscious decision to take additional risk. It is no different than an investment manager who writes options on his portfolio to juice his returns. It works until it doesn’t work. Procurement risk can make or break a company in times of crisis where the winners win big and the losers go away.
• There is upside risk, as well as downside risk: The Covid crisis with its K-shaped recovery in which there are big winners as well as desperate losers demonstrates that risk is opportunity for those who are exposed to benefit from it, or who are nimble enough to recognize it early and adapt.
• To manage risk, we need data and tools: McKinsey summarizes it well when they write “… digitizing supply-chain management improves the speed, accuracy, and flexibility of supply-chain risk management. By building and reinforcing a single source of truth, a digitized supply chain strengthens capabilities in anticipating risk, achieving greater visibility and coordination across the supply chain, and managing issues that arise from growing product complexity.”

The good news is that we don’t have to reinvent the wheel.

Again from the McKinsey note:

“Organizations should build financial models that size the impact of various shock scenarios and decide how much ‘insurance’ to buy through the mitigation of specific gaps, such as by establishing dual supply sources or relocating production. The analytical underpinnings of this risk analysis are well understood in other domains, such as the financial sector – now is the time to apply them to supply chains.” [emphasis added]

If there were ever a moment for procurement to step up and claim its rightful piece as a strategic function within the enterprise, now is the time. Part and parcel of this aspiration has to be to show the rest of the management team that procurement has the tools and the approach to deliver. They will want to see data. They are already familiar with financial risk management. Put those two together and procurement leadership can shine.

This is precisely why we built EdgeworthBox. Our background is in financial services as risk managers and developers. We saw the need to build a layer that could enable risk management in strategic sourcing the way investors look at and shape the risk profiles of their portfolios. We bring tools from financial markets including central clearing of vendor administration, central clearing of structured data, and social networking with which the enterprise can assess and mould its exposures, in a way that complements whatever they use today. 

Have questions?b

Contact Us

2020 is a year in which a virus spread exponentially: slowly, slowly, then quickly. This led governments to shutdown vast swathes of the global economy and to lockdown whole populations, only to see them react strongly to the spark of social injustice in a mid-sized city in the Midwestern United States.

Risk is the quantifiable assessment of both the likelihood of something happening, as well as its impact. Uncertainty in the Knightian sense comes from something that could happen but for which quantification is not possible. Perhaps it is because we cannot imagine the event ever happening, so we are unaware, or perhaps it is that we cannot comprehend the extent of its influence.

Did anyone have Covid-19 on their bingo cards for 2020? Or rolling protests focused on social justice? If so, did they have a sense for what these scenarios would entail economically?

To manage risk means to take steps that enable us to maximize the benefit from positive outcomes that may or may not happen, while minimizing the cost of negative outcomes that may or may not happen, allocating resources based on likelihood and impact.

As a procurement expert or head of operations, you might think that in planning your supply chain that you are engaged in a deterministic exercise (for the most part). Investors might agree with you that your function is to optimize production, extracting efficiencies and streamlining wherever possible.

If that’s what you think, you are wrong and 2020 is the proof of your error.

According to ISO 31000, risk management is “intended to establish the context, communicate and consult with stakeholders, and identify, analyze, evaluate, treat, monitor, record, report, and review risk.”

But there is one important nuance that this definition fails to emphasize: interdependence. We cannot assume that individual risks are independent. In fact, we know in many cases that if risk A is realized then that affects the likelihood of risk B and risk C, along with the magnitude of their effects. Realization of A may dampen the effect of B or it may amplify the consequences of C.

For example, if there is an epidemic in China like Covid-19, then local manufacturing capacity will fall, authorities will restrict travel, etc.

Getting interdependence correct is difficult.

For example, the World Economic Forum is cognizant of interdependence and they try to explore interdependence in their annual risk reports. Notably, the WEF report for 2020 both discounted the likelihood and the impact of infectious disease.

What did they get wrong?

There is an excellent article in the Journal of Network Theory in Finance that discusses this. But it is their broader conclusion about how to get interdependence right that has lessons for how procurement teams can do a much better job.

The WEF asked 750 experts about pairs of risks, specifically whether they were linked and what weights the assessors would attach to those links.

According to the JNTF article, there were two key flaws. One, the experts were limited to two risks at a time. This limited the number of connections between risks to those pairs that were in the survey. There was also no context to the link. Was it a causal relationship? Or were the risks linked because they fit the same label?

The alternative approach that the JNTF team took was to present respondents with a set of 143 risks to describe using 24 unique tags.

The results here were a network of risks defined by their statistical similarity into five clusters. Each cluster represents risks that were densely connected to one another, with loose connections to risks in other clusters.

As opposed to the typical method of risk management in which people think about risks with an organizational perspective (strategic risks, regulatory risks, market price risk, etc.), here the description of the risks led to a bottoms-up classification.

With this new bottoms-up approach, it is possible that risks that would not appear in the same grouping in a traditional scheme might be actually quite similar. That is, top-down labeling would bias the risk assessment, creating blind spots.

Risk similarity is important because of what it means for identifying what the authors call emerging risks: “a material, previously unconsidered risk or changing risk factor that has the potential to significantly alter the firm’s risk profile.”

It is risk similarity that helps us quantify (on a dynamic basis) the cascading effects in which one risk materializes, leading to the realization of other similar events, which may dampen or amplify the overall systemic effect.

One way to understand this is to think in terms of Facebook. Your network is a set of points, with every person represented by a point. Some of those people are friends from school, others are parents from your child’s school, or former work colleagues. Within those clusters of friends, some have more influence than others. Tell someone a piece of news and it may spread like wildfire, or not at all.

Applying this to corporate procurement, we could also think of networks-of-networks in which each point in the meta-network is a firm within which there is a network of risk factors of clustered similarity.

We can imagine the cascading effects of an event that affects firm A transmitted through its links to other firms in proportion to the weights of the inter-firm linkages in the network-of-networks.

Ideally, a risk analysis would be able to identify different types of firms with similar or offsetting risk profiles in the network-of-networks who could collaborate in such a way as to improve outcomes for all parties.

How do we incorporate this into strategic sourcing?

First, strategic sourcing needs to be seen to be a risk management function. The historical approach of optimizing for lowest cost has to go. In the limit, this can manifest itself in the act of concentrating purchases with sole sourcing to get scale pricing. But, generally, optimizing for price tends to obscure the interaction of other risk factors and their attendant weights in the network of risks, leading to massive cascading systemic risk.

Second, there needs to be a bottoms-up approach to classifying risk. RFP design should focus on surfacing the information that generates an organic clustering of risk factors instead of the current approach using top-down labeling to assess risks.

Third, procurement departments need to work with others within the organization including staff from finance, marketing, operations, and product to assess risk.

Fourth, there needs to be more collaboration between buyers and suppliers, but potentially also different groups of buyers to take steps to mitigate the downside and shape overall risk profiles.

Strategic sourcing today resembles financial risk management twenty-five years ago. We can apply lessons from how finance has evolved to accelerate the modernization of procurement.

EdgeworthBox is a platform for strategic sourcing, generally, that enables this more holistic approach. We do so as a layer that complements existing procurement infrastructure, so that buyers can execute an RFP cycle that leads to more supplier proposals, when an RFP is appropriate and also develop relationships with suppliers that are suited to a broader context. All without changing the infrastructure they have invested so much in building to date. Give us a shout. Or take us for a free spin.

Contact Us