With companies linked to a growing number of businesses through their supply chains, organisations are increasingly exposed to a myriad of risks that could severely damage their finances, reputation and future competitiveness. It’s time to understand the challenges and implement a proactive strategy to get on the front foot.
Cyber hacking, human rights violations, environmental disasters or complex new laws are just some of the risks Australian organisations are exposed to through their supply chains. As organisations engage with more customers and suppliers internationally, often competing on price, speed and proximity, their risk portfolio expands.
“Competitiveness in global trade is growing and it throws up complexities and challenges throughout supply chains that a lot of Australian corporates are not used to dealing with,” says Peter Liddell, Partner, ASPAC Head of Supply Chain & Operations, KPMG.
Liddell says that in some businesses, up to 80 percent of their operations can be interacting with a supply chain, making it tough to stay ahead of risk. It is therefore essential that they understand the pressure points, and have a solid strategy to mitigate potential damage.
Supply chains involve multiple ‘suppliers’, which could provide anything from office stationery to technology and tools, raw materials and manufactured products, or even the transport of goods.
“Traditionally supply chain risks have been a concern for manufacturing, distribution, retail, and agriculture, but now extend across all sectors including financial services and government,” Liddell says.
The more expansive and interconnected a supply chain, the greater exposure to risk that can occur, such as geopolitical issues, weather incidents and piracy.
“When you move a product within Australia, the maximum delivery lead time is typically 2 to 3 working days. As you move into Asia that becomes 4 to 6 weeks. In North America and Europe it becomes 12 to 16 weeks. The ability for things to go wrong increases significantly as corporates interact with global supply chains, adding more time and complexity,” he says.
Every country has its own regulations, so when companies are entering into supplier contracts across the globe, they can suddenly be in a regulatory compliance minefield. Regulatory changes have a significant impact on the ability to export, import, manage and track goods and services.
“Emerging markets, as well as mature markets, are all adjusting or changing their regulatory frameworks, industry by industry, level by level,” Liddell says.
Amid this complexity, tax obligations are also varied in each region, opening companies up to tax risk, explains Jeremy Capes, Partner, Tax, KPMG.
“Tax laws are evolving faster and in different ways, ever increasing in complexity,” Capes says. “There is global momentum driven by high profile groups such as the G20, OECD, EU and the UN weighing in on global taxing rights. Many concepts are aligned, but the objectives may vary between groups and the implementation of change can differ significantly between countries.”
Inherent within supply chain risk is the threat of reputational damage. If one supplier is engaging in poor ethical or environmental activities, the impact on every linked organisation could be devastating, explains Adrian King, Global Head of KPMG’s Sustainability practice.
“In concert with supply chain complexities deepening, we’re also seeing expectations changing,” King says. “Consumers care about where their products come from and regulators are placing impositions on organisations regarding this.”
He says companies are increasingly being held publically accountable for their “first, second, third and fourth tier suppliers”.
Mike Kaiser, Director, Corporate Affairs Advisory, KPMG, says the excuses of ‘different laws’, or ‘not knowing’ are not valid when reputation is at stake.
“In some territories child labour may be a socially accepted norm, but supply chains are only as strong as their weakest link,” he says. “The reputational vulnerability along any part of the chain usually impacts the consumer-facing brands.”
Kaiser adds that reputation doesn’t just matter externally, but to employees too.
“People don’t want to work for a company that is even two or three commercial arrangements away from human rights violations, child labour or other problems.”
Non-governmental organisations (NGOs) and activists for different causes (for example anti-child labour, climate change or animal welfare), are becoming more sophisticated in their monitoring of supply chains.
“They know where to target, when to attack in a coordinated manner and how they can get the most impact,” King says.
However, rather than seeing this as a problem, companies should embrace that NGOs are highlighting what their customers, shareholders and employees demand.
“The NGOs aren’t creating these issues, they’re just surfacing these issues and people are responding to them,” he says.
With so much at stake, organisations must recognise the scope of risks and take a very proactive, or even predictive, approach to reduce them.
“Predictive risk management is more than responding to the risk as it happens, but actually using information available in the network to predict major risks and potential disruptions,” Liddell says.
He gives the example of a company with a manufacturing plant in Thailand that produces 80 percent of the goods that it sells in Australia.
“You can almost expect that every 2 years there will be some type of political coup or a major flood in Thailand that will stop the distribution of products for 4-6 months. Yet, you can easily access information from the Bureau of Meteorology about weather patterns, and monitor newsfeeds to accurately predict that such events are highly likely to occur in the near future, and execute the appropriate corrective actions,” he says.
King advises that technology tools should be engaged to track, monitor and forecast risks across the globe.
“One of our clients now tracks over 120,000 data points across all their products from cradle to grave, so they can understand the components of their supply chain and manage and monitor it effectively,” King says.
To better manage tax risks, Capes says organisations are wise to understand the local laws and landscape, and adopt operationally driven models.
“Companies get into trouble when operating models being designed or implemented don’t make sense for the business and there isn’t strong commercial rationale,” he says.
If issues arise, it is vital that organisations have a ready-made strategy to respond, specific to each region impacted.
“It’s incumbent upon high profile consumer-facing organisations to have very rigorous plans around reacting publicly if things go wrong,” Kaiser says. “When the media is camped outside and an NGO is threatening to disrupt your AGM, it is not the time to be thinking about these issues for the first time.”
Wrong moves could have long-term repercussions on the organisation’s potential to recover their reputation.
“It is not as easy as withdrawing your business from someone behaving poorly. Companies are expected to take responsibility for their entire supply chains and improve circumstances throughout their supply chain,” Kaiser says.
Technology is connecting businesses to more suppliers than ever, so it is essential that they are aware of the risks. Find out more in Safeguarding supply chains from cyber attack.
Supply chain risks – from cyber attack to compliance – could severely damage an organisation. This series explores how to get on the front foot.
©2021 KPMG, an Australian partnership and a member firm of the KPMG global organisation of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved. The KPMG name and logo are trademarks used under license by the independent member firms of the KPMG global organisation.
Liability limited by a scheme approved under Professional Standards Legislation.
For more detail about the structure of the KPMG global organisation please visit https://home.kpmg/governance.