A couple of weeks back, I spoke to someone who had the chance to observe how Eli Lilly is beginning to more aggressively manage supply risk relative to its peers. In his words, they've gotten "really aggressive" about it. But in this case, we should equate aggressive with effective. What is Lilly doing? They're pursuing a comprehensive supply risk management that looks at risk across all of their key suppliers -- not just ones that meet a certain size threshold. They're even requiring privately held suppliers to submit financial information to them. And they're doing this across many or all of the 6,000 suppliers that compromise roughly $3 billion in spend.
According to my source, "Lily is requiring all private suppliers to submit audited financials or they won't give you a contract." This approach has effectively "closed the risk loop" on privately held suppliers, a group that my contact describes as a "real mystery" when it comes to deploying effective supply risk management programs. I would concur with his assessment and in doing research on the offerings from D&B, Experian, Equifax and others, I would say that the quality of their risk data is substantially less indicative of potential failures for smaller, private suppliers than others. My general rule of thumb here is not to trust third-party risk data that looks at supplier financials / credit information alone when suppliers have less than $100 million in revenue ($200 million is an even more conservative number).
This puts the onus on companies to do their own homework on privately held suppliers. But how difficult is it for companies like Lilly to demand -- and actually receive and analyze -- information on private companies? The answer might surprise you.
In general, most of us would assume that privately held companies will be unlikely to give out information on their finances to anyone who is a non-owner or investor. But given the exceptional circumstances of the current downturn, procurement organizations have one of their best opportunities ever to actually get information from suppliers that they did not think privately held companies would share in the past. Especially if your volume levels are flat or growing in the current environment, it's highly likely that suppliers will cooperate with your request if it has teeth behind it. And if they refuse to comply, then we can take such a response as a useful indicator that this is probably not a supplier that is safe to do business with.
To ease the pain and added effort of asking for this information on suppliers, it's worth dangling the positive reasons for requesting the information. For example, if a supplier's health appears solid, then it's quite probable they'll actually get more business from you in the future given savings-focused supplier rationalization programs and the need to reduce risk by concentrating spend on those suppliers most likely to emerge from the recession in good financial operating condition. Using these arguments as a carrot in such information requests is always good policy for building and maintaining relationships -- even if you really will drop the supplier if they fail to comply.
Once you get the information from suppliers, the question becomes what do you do with it? Running financial models on thousands of suppliers on a quarterly basis is time consuming and expensive. I'd argue the key here is to settle on a customized risk scoring approach based on industry -- potentially based on an Altman Z score but not necessarily -- and then figure out the most economical way to acquire the data and then run the numbers.
When it comes to data acquisition, it’s important to request information in a standardized format -- ideally a standard Excel template or accounting package report extract. Then, once you have it, if you're really sophisticated and have the time to develop a custom application that automatically flags questionable financials for review, you're golden. However, most companies will probably be better off in the near term off-shoring the financial analysis or consolidating these activities in a low-cost onshore finance shared services center (or potentially outsourcing these activities entirely).
What is your experiencing in asking for, acquiring and reviewing private company financial information? Are there important tips here that I'm missing?