Risk managers need to broaden data horizons for supply chain risk

Credit: iStock/carloscastilla

The growing importance of political and sustainability risks will require companies to collect more diverse data on suppliers and supply chains, according to Jim Wetekamp, chief executive officer of risk management software provider Riskonnect.

Covid-19 is adding volatility to already heightened political risk, with implications for supply chains, Mr Wetekamp told Commercial Risk Europe. In particular, rising nationalism, trade disputes, civil unrest and conflicts threaten cross-border supply chains the world over, affecting the supply and demand of commodities and components, as well as product quality and cyber risks, he said.

“Companies are increasingly experiencing the tangible effects of political risks, at a time of growing politicisation for business. Businesses must track who they sell to and who they buy from, as the associated risks can bleed through to operational, strategic, financial and reputational risks. Geopolitical risks touch all aspects of ERM,” he said.

In the past two years, the changing political landscape has led to a sudden slowing of globalisation, according to Mr Wetekamp. Growing tensions between the US and China, trade disputes and nationalism, alongside ethical and environmental considerations, are leading companies to re-examine supply chains. For example, auto manufacturers and electronics makers face a shortage of microprocessors, brought about by a surge in demand at a time of reduced supply due to trade disputes, factory closures from fires and extreme weather.

The range and complexity of political risks impacting supply chains is also increasing, according to Mr Wetekamp. Supply chains have come under scrutiny in recent years over ethical and human rights concerns. Alleged use of forced labour in China, for example, has increased scrutiny for a number of industries. Human rights abuses in Xinjiang, home to China’s Uyghur population, has affected solar energy supply chains, as well as fashion and food retailers and manufacturers.

Climate change is also becoming an issue for supply chains, as customers and supply chain partners grow more interested in understanding the sustainability and traceability of materials and products. Some consumer groups have committed to drive deforestation from their supply chains over growing concern that tropical rainforests are being felled to grow palm oil or graze livestock. In addition, the EU is requiring banks and insurers to disclose the sustainability of their operations, investments, loans and underwriting.

Companies will increasingly need to collect data on a wider range of supply chain risks to meet environmental, social and governance (ESG) requirements, as well as the demands of investors, customers and supply chain partners, predicted Mr Wetekamp. These stakeholders will want to know the origins of goods and services, as well as their impact on the environment and society. At the same time, rising political and environmental risks will require companies to gather more granular information on their supply chains, said Mr Wetekamp.

“Organisations will need to ask themselves what evidence they need about the way in which they operate and what is required for compliance across a growing number of areas. We are seeing from customers the need to collate data related to political risks – such as early warnings of political events and instability – as well as data on their own operations and supply chains,” he said.

Companies need to start compiling data on their own operations and their supply chains in several key areas, said Mr Wetekamp. For example, companies will increasingly need to have a handle on environmental factors, like energy and water consumption, as well as health and safety, human rights, corruption, diversity and inclusion, and sustainability. Having a strong third-party risk management strategy in place will be essential to avoid associating with vendors that may be involved in malicious, unethical or unsustainable activities, as well as terrorist groups, said Mr Wetekamp.

Such information is already being demanded by consumers, commercial customers, banks and insurers, and will become increasingly important for access to finance, insurance and markets, he said. Energy consumption and emissions are becoming an important factor for logistics companies and will become a key consideration when selecting transport options in the future, he added.

According to Mr Wetekamp, risk managers are well placed to drive projects to collate data on risks for compliance and ERM purposes. “Many organisations are searching for leadership on this issue, and risk managers are able to identify critical risks and have centralised access to risk information,” he said.

Some companies are collating data related to political and environmental risks, but this tends to be “sub-optimal” because focusing on these two areas alone excludes the full risk picture, Mr Wetekamp said. “It is not enough to examine external factors. Data across all levels of the value chain must considered in order to achieve a comprehensive risk view,” he said.

True ESG reporting standards are still evolving, but the base data that goes into understanding an organisation’s current ESG risk landscape, risk appetite and goals is something that companies should be thinking about now, according to Mr Wetekamp.

“This risk landscape impacts every vertical in some capacity and needs to be factored into risk planning. Customers, investors and operations will require it. There are some base-level activities that they [companies] can begin now, which will not need to be repeated as requirements evolve. Data collection channels, risk categorisations and reporting infrastructure are all base requirements. Even if companies aren’t being asked for these things today, they can start to use this data to inform their team and direct strategy, and proactively market their stance on critical ESG/CSR topics,” he said.

Mr Wetekamp advised risk managers to understand their organisation’s goals related to the net-zero economy, climate and ESG targets. They can then begin to categorise these goals into the context of risk.

They can look these issues in terms of governance, climate impact, the alignment of ESG to value creation, and the impact on people, the environment and strategy. In addition, risk managers should involve stakeholders throughout the planning and initial process, including groups such as peer leadership, IT, customers, and the vendor community, said Mr Wetekamp.