In the first post in this series, we explored, courtesy of an article by Emptoris' Craig Doud in Business Finance, how procurement and finance organizations are beginning to work together outside of P2P enablement and management. One area Craig touches on is one we've been writing about for some time -- the importance of having finance and procurement work together in supplier risk management, ideally moving from "risk reaction to risk avoidance," as Craig suggests. In recent years, we've observed a number of organizations sponsoring a new supply risk function that is staffed with a procurement leader (or two) but that reports into the finance organization. Craig has some useful technology use cases in developing proactive insight into supply risk.
Another area (one that we consider an extension of supplier risk management here at Spend Matters) is compliance, especially when it pertains to ensuring that suppliers meet specific industry, regulatory or materials/ingredient compliance. Here, Craig notes that a range of companies "struggle" to keep up with regulations, "maintaining compliance across all contracts and end up fighting fires when issues crop up or inefficiently running every single contract through the finance or legal department." The fundamental challenge -- and one that we've seen firsthand in some of our recent research in the area of part/materials/ingredient level compliance and traceability -- is that "compliance oversight is typically scattered across multiple departments with limited centralized auditing, which can make identification of data and compliance verification seem like forensic analysis."
Craig does a great job of explaining, on a vendor level, how companies can begin to drive compliance. He suggests beginning by creating a "central repository of reviewed and approved legal language that represents the company's position on regulatory, policy and commercial compliance standards" which can then enable them to use "contract and sourcing templates to create a contract that reflects the company's starting point for compliance standards with any external entity (e.g., supplier, customer, channel partner, contractor)." Then, "data from supplier management tools should be pulled in to map supplier qualification and certification data back to the latest contracts" to "ensure all suppliers are up to date on all qualifications and certifications required to perform their service at desired quality levels in specific geographies."
On the vendor level, this is solid and succinct advice for a topic that deserves far more space than Craig's byline allowed. Yet we would argue that companies need to take the compliance angle down at least one level -- actually, in multiple directions at once -- considering not only compliance at the supplier level for direct materials, but also at the part, materials and ingredient levels across potentially multiple tiers of suppliers. For example, maintaining something as "simple" as access to up-to-date material safety disclosure sheets (MSDS) for materials that require it at levels of production and distribution can prove far more complicated than it would at first glance for outsiders who aren't accustomed to the often loose (too loose) collaboration between environmental, health and safety (EHS) teams and procurement and finance.