What are Companies’ Biggest Risk Misconceptions? A Conversation with Coupa Economist Ahmad Sadeddin (Part 2)

Editor’s note: This is Part 2 in a two-part interview. Missed Part 1? Read it here.

As a senior economist and risk expert at Coupa, Ahmad Sadeddin is in a good position to see what companies do well and not so well in terms of risk management. Unfortunately, companies are being put to the test more frequently these days, as risks become more numerous and unpredictable.

This exponentially more complex world, as Sadeddin called it, is why he and Spend Matters founder Jason Busch decided to host a webinar next Thursday, October 26, to address three major risk areas: regulatory, environmental and economic. The webinar will be held at 12 p.m. CDT, and it is free to all attendees.

In this second half of our pre-webinar interview with Sadeddin, the risk expert discusses common risk-related misconceptions, challenges that Coupa’s clients have faced and one recent risk success story that impressed him.

Sydney Lazarus: Earlier in this interview, you had talked about how if companies don’t have a proper vendor risk management contingency plan, having a ton of data won’t help them when a real risk event happens. I’m sure you’ve seen plenty of those instances.

Ahmad Sadeddin: Right.

SL: Can you think of any impressive risk management success stories cases off the top of your head?

AS: Companies will have different philosophies on how to act. One of our customers said [about a high-risk vendor]: “We're going to work with the vendor and make sure that they survive. We’re going to go talk to them about [the fact] that we know that they're high risk and see how we can mitigate it.”

For a lot of people, when they see a high-risk vendor, [they] dump them. That was really awesome to see our customer say, "No, we were a small company at one point, we were probably high-risk. We're going to go work with this vendor, we're going to ensure their survivability together. This is a partnership.” They had this culture of risk management that was very collaborative. I think that's kind of the next wave of risk management, where you try and do riskier business with your partners. I think that was really eye opening for a lot of us, how our customers perceive risk.

SL: What are some popular risk-related misconceptions?

AS: One of the big misconceptions that large companies have is that these complex systems are the right way to do vendor risk management. They would be exporting a lot of different data from a lot of different systems into Excel and start to do funny Vlookups and start to merge all this data. We say, look, you don't need to do all of that heavy lifting, there are a lot of automated ways in simplifying your workflow.

I always say that these complex risk management systems are like a house of cards. They set up the house of cards, but they don't want to touch it. I'm like, "No, no, touch it and make sure you automate a lot of that.” Your time is better spent not figuring out how to not merge the data points. Your time is better spent figuring out how to work with your suppliers, how to de-risk doing business with them, how to build contingency plans that actually work and are enforceable.

That's the stuff that I would love to see our customers kind of break away from. We've heard of some cases [where] it takes three months to analyze 1,000 suppliers. Then you have another three months of implementation. [By then], that supplier may have gone bankrupt. They might have passed a new law, a hurricane might have happened, a million things might have happened in a matter of hours or days.

SL: Judging from Coupa’s customers, what are the main risk-related challenges that they face?

AS: Some of our smaller customers have never done vendor risk management. They've not done it because the barrier to entry is so high. You have to work with credit agencies, and you have to manage which vendors you want to do it. For small procurement teams, [it seems to be a] very overwhelming thing to do. For our larger customers, some of the challenges were de-siloing all of the information. How are the suppliers performing across multiple different buyers? [Companies] have always struggled with analysis paralysis in Excel.

SL: Let’s conclude with a general question. How would you judge the state of risk management today? How are businesses doing?

AS: I feel like risk managers may be spending a lot of time on getting the right data and trying to incorporate it, putting the Lego pieces together rather than actually enjoying the Lego set itself. It’s a lack of sophisticated systems [but plenty of] complex systems that don't need to be so complex.

Want to ask Jason Busch and Ahmad Sadeddin your own questions on risk management? Make sure to register for this free webinar next Thursday at 12pm CDT!

Share on Procurious

Discuss this:

Your email address will not be published. Required fields are marked *