It's become increasingly apparent to me as both a writer and consultant over the past few quarters that the vast majority of companies are woefully underprepared when it comes to understanding and preparing for the various risks inherent in their supply chain. It's a situation not unlike that which existed in many organizations before the now infamous Sarbanes-Oxley act. Before SarbOx, many organizations lacked the level of visibility and controls required to create transparency into their own internal financial controls and systems.
Then as now, companies still lack similar controls and visibility -- but this time the problem lies outside the four walls of the organization. Which makes the problem even more serious considering the increasing levels with which companies depend on global supply chain and financial partners today. Personally, I'd be willing to put a good many chips on the table to bet that the next major regulatory overhaul of the non-banking regulatory arena will occur as a result of a series of very public global supply chain breakdowns. For me the question is not if, but when.
Before delving into this a bit more, let's go over a bit of history. Not many people know that SarbOx is also known by a more descriptive name: The Public Company Accounting Reform and Investor Protection Act of 2002. Wikipedia suggests that the law was passed in reaction to "a number of major corporate and accounting scandals" including "Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom" (and let's not forget other financial scandals that led to jail time for executives including Computer Associates, Purchase Pro, etc.).
What did these individual accounting and financial control blow-ups have in common? In each case, executives and Boards of Directors lacked adequate visibility and controls into financial processes and systems. And this lack of insight -- not to mention corporate checks and balances -- led to executives pursuing illegal activities that ultimately brought either the entire organization or key individuals down in the process.
Today, I'd wager that we're sitting on a good many potential SarbOx-like powder kegs when it comes to external controls and systems regarding global supply chains. Now, there are a few differences. This time around, I doubt outright fraud will always be the cause of potential blow-ups (but who knows, I might be wrong here). Rather, I'd suggest that the real dangers we face are from a lack of oversight and control of extended supply chain quality, costs and a range of other factors certainly including but not limited to supplier financial viability. If you put your ear to the screen, you can almost hear the potential news headlines from 2010:
50 Deaths in 50 Days From Tainted Products
Forged Supplier Insurance Documentation Results in Billion Dollar+ Exposure for Large Multinational
Unhedged Global Commodity and Energy Exposure Bankrupts Manufacturing Bellwether
IP Theft in China Dooms Product Launch of Key Technology Gadget, Causing a 50% Share Price Decline
Falsified Supply Chain CSR Reporting Scandal Leads to Management Team Resignations at a Major Retailer
Terrorist Group Owned Manufacturing Sub-Contractor of Faulty Part on Flight 101
Substituted Raw Material in Plastic Plumbing Lines Cause Catastrophic Flooding of New Luxury High Rise
These ideas just begin to scratch the surface of the types of exposure companies face today from supply chain partners and their own controls and visibility into these relationships. To simply lump this into the "risk management" area underscores the potential company-killing implications that different scenarios may lead to, not to mention the type of legislation and regulatory action that may follow a series of corporate disasters. Will the next Federal SarbOx take the form of legislation designed to prevent these types of incidents from happening? I suspect it very well might, but only after a series of high profile industry events cause the corporate corpses to begin to pile up and stink.