Spend Matters Premium Content:
Risk and Compliance

Beyond Supplier Risk Management: How Procurement Can Take a Leadership Role in Enterprise Risk Management (Part 2) — Aligning Enterprise Risk to Supply Risk [PRO]

risk

In Part 1 of this series, we described the process that most progressive procurement organizations use to relate enterprise risk to supply risk. Throughout such transformations, a single theme pervades: alignment. The premise here is that while value chains are, in fact, a chain of value that flows across multiple stakeholders, the “signal” often gets lost as the components of that value go across organizational and functional boundaries. We’ve written before about this concept of “supply performance management” (i.e., where the definition of supply and the supply scorecard gets translated from the customer-facing value chain all the way down to a supplier/contract level) in terms of measuring and managing supply value, but this same concept also inherently applies to risk management.

Risk management is about protecting those value streams, and therefore the commensurate investment in risk mitigation should align with the value streams themselves. Unfortunately, they often don’t, because stakeholders are not typically measured on risk management explicitly (although they can be measured on it implicitly).

Procurement itself faces this problem. Based on our research, only 8% of procurement organizations are formally measured on supply risk reduction. Instead, they’re measured on overt reward (vis a vis savings) but not on protecting those improved supply outcomes. So, if procurement wants to protect supply outcomes, it will need help and resources from the natural risk owners (i.e., those who are measured on the business outcomes affected by those risks) — and that help will not come unless there is visibility, commitment and action. As such, in this installment of this series, we’ll discuss two critical frameworks that organizations can use to gain alignment.

Coupa and Hiperos: Supplier Management, Compliance and Risk Landscape Implications [PRO]

This Spend Matters PRO brief explores the competitive implications of the Coupa-Hiperos transaction on the supplier management landscape. The analysis includes summary sector M&A implications and summary landscape/competitive implications. It also explores the potential impact on closer competitors to Hiperos (e.g., Aravo), more distant, network and community oriented peers (e.g., Achilles, Avetta, Browz, etc.); and “sleeping giants” on the periphery of the market such as D&B and Thomson Reuters.

Perhaps most relevant of all, as “compliance as a service” becomes more commonplace as a component of source-to-pay systems in areas ranging from supplier qualification to transactional/invoicing areas, we believe these latter groups may begin to come into contact with Coupa for the first time as the worlds of supplier intelligence and hybrid software, network and compliance collide in a networked manner across various industries.

Beyond Supplier Risk Management: How Procurement Can Take a Leadership Role in Enterprise Risk Management [PRO]

risk

There is no shortage of news about supply risk in today’s volatile operating market:

 

  • The 12-month LIBOR rate has gone from 2% to over 3% in 2018, and suppliers are beginning to feel a capital squeeze as buyers further stretch their DPO to hoard cash (beyond stock buybacks of course).
  • Brexit continues to loom as a bugbear regarding UK/EU trade. More broadly, geopolitical risk continues to escalate in the Middle East, Eastern Europe, Central America and the South China Sea.
  • S. trade policy still swings wildly at the press of a POTUS tweet, and so do commodity prices and volatility in general. The VIX index has spiked up 65% in the last 60 days alone.
  • Natural disasters driven by climate change are becoming commonplace and calamitous.
  • Competitive risks are sprouting up as digital disruption is creeping into almost every industry sector — and as monopolies “becomes features rather than bugs” with ongoing market consolidation. In response, compliance regimes like GDPR continue to crop up although enforcement is highly variable by region and country.
  • Cyber risk continues to be the most omnipresent risk that organizations are experiencing cross-industry while everyone is flocking to the cloud in record numbers.


So, enterprise risk management should be alive and well. And, logically, supply chain and procurement executives need to be increasingly prepared to work with their internal business partners to reduce this risk and defend the proverbial gates to keep the risks at bay.

Unfortunately, the castle walls are often not well-guarded because the sentries are not getting paid to do so. Procurement organizations in particular suffer from a misalignment between missing incentives for reducing supply risk and zealous Finance-driven incentives for increasing supply reward in the form of narrow purchase cost savings. Regarding the latter, nearly all groups get measured on purchase cost reductions, but only 41% get formal credit for saving money during the sourcing process when there is no initial cost baseline. However, only 8% of procurement organizations get such "hard credit" for reducing supply risk.

Part of the challenge here is that from an enterprise risk management (ERM) standpoint, there is a broader disconnect between evaluating enterprise risk overall versus extending those risk factors in a cohesive manner out to the supply chain and also out to the supply base (via spend categories and then to individual suppliers) where contracts are signed that hopefully help mitigate most supplier risks. There are four “translations” here where alignment gets lost, and to make matters worse, the risk types being managed are highly fragmented, if addressed at all — especially when various stakeholders are in the same boat as procurement regarding not getting credit (and commensurate resources/investment) regarding supply risk. Risk management gets viewed as a glorified insurance policy and set of “check the box” regulatory compliance mandates rather than a sound approach to bringing risk into the value equation (i.e., protecting the value streams of importance through the value chain).

So, the question becomes how can procurement help solve this when so much seems outside its control? And why even pursue it when there are other things to focus on like hitting savings targets?

The answer lies in deftly “connecting the dots” between enterprise risk and supply risk so that various stakeholders like GRC, internal audit, external auditors, divisional presidents, etc. can not only extend their reach into the extended supply chain, but can also be tapped to help bring some corporate power (and resources) to bear and help drive some changes internally and with your suppliers.

In this installment of Spend Matters PRO, we’ll dive into some best practices for gaining this multi-pronged alignment and also how to align supply risk management within various points of the source-to-pay (S2P) process itself. And, of course, if you want to see how various providers handle supply risk, whether S2P suite providers, or more specialized supplier management providers, then definitely check out our SolutionMaps in these respective areas here and here.

Coupa buying Hiperos: Acquisition Facts, Analysis and Insight [PRO]

Just this morning Coupa announced it was acquiring Hiperos as a carve-out transaction from Opus, which previously owned the supplier management, compliance and risk management solution provider. This Spend Matters PRO analysis provides background and quick facts on Hiperos. It also offers analysis and insight on what the transaction brings to Coupa from a capability perspective and attempts to answer the question: Why Hiperos?

Subsequent Spend Matters subscription briefs (PRO and SolutionMap Insider) will provide insight and analysis of the transaction by exploring the competitive implications of the acquisition for the supplier management and compliance market, offering additional customer insight and recommendations and providing a “Head-to-Head” analysis of Coupa and Hiperos from a supplier-management capability perspective.

Read this briefing to find out more about what Coupa is getting and possible reasons behind the Hiperos deal.

Procurement and Insider Trading: What You Need to Know [Plus +]

Procurement has increasing access to multiple levels of insider information. And just as we have seen enforcement impacting procurement and supply chain activities centered on FCPA compliance, it is likely an increasing set of activities tied to potential information leaks in the capital markets area will come under increased scrutiny as well. In the first installment of this Spend Matters Plus research brief examining the potential for insider trading based on procurement information, we covered lessons from other areas of the business as well as introducing the types of insider information that could be acted on by those inside the company or shared with external hedge funds or other parties. In this installment, we explore what you need to know about the potential for procurement and insider trading based on increasing data availability within procurement and supply chain organizations and key action steps you can take to prevent breaches.

Does Procurement Inadvertently Facilitate Insider Trading? [Plus +]

Have you considered the potential for insider trading violations and the ensuing lawsuits that could arise from access to procurement information? Perhaps this hasn't even entered your mind. With increasing data availability (spend data, supplier risk/management information, demand data) at the fingertips of procurement professionals and others in the organization, the opportunity to access information that could be used to provide an "advantage" in the capital markets has never been greater. Traditionally, such information (if available at all) was available solely to company “insiders” who could only trade within certain windows (and with other restrictions placed on them). In this multi-part Spend Matters Plus analysis, we explore the growing potential of procurement-related information to create the opportunity for insider trading information.

Predictive Contract Negotiations: Get Full Value From CLM Tools [Plus +]

Contract management is undergoing a transformation, moving from the back of the procurement kitchen to nearly taking center stage. A good part of the reason is the corporate transition from a more passive "risk viewed as lack of compliance" efforts toward a more dynamic and comprehensive approach to risk management. This approach doesn't just examine legal clauses as such. Nor does it merely ensure that agreed upon prices and SLA deliverables are met, although those reasons are obviously part of the equation. There’s more to it — much more. In this Spend Matters Plus research brief, we begin by reviewing the core components of CLM systems, and then we explore the path to predictive contract negotiations, delving into the intersections of big data, predictive analytics and contract management.

Supplier Onboarding: Linking Design With Action (Part 2) [Plus +]

You’ve defined a strategy for supplier onboarding and given full consideration to all of the elements that make your requirements unique. You’ve fully considered which internal stakeholders besides procurement need to be included in the process of supplier onboarding and management. And you’ve mapped specific initiatives to onboarding requirements. But now it’s time to define specific supplier onboarding workflows, fully linking design with action.

Tying up T&E Loose Ends: T&E Meets Risk Management (Part 3) [Plus +]

In previous installments of this Plus series, we discussed the amount of risk companies face when deploying workers around the globe and what precautions the company and its workers must take. In Part 1, we specifically talked about duty of care provisions, and in Part 2 we continued his analysis of corporate travel risks. Today, we complete the series by offering a number of recommendations companies should take regarding T&E management.

Identifying And Responding to Risks Faced By A Global Workforce: T&E Meets Risk Management (Part 2) [Plus +]

What do companies need to be aware of when managing corporate travel and a global workforce? Spend Matters VP of Research Thomas Kase, who has experience working abroad and is our main source for T&E management, started this PRO series discussing the amount of risk a company faces when deploying workers around the globe, how much money a company should allocated to risk mitigation and what is required under duty of care provisions. You can check it out here. Here, in Part 2, Thomas continues this analysis of travel risks and corporate obligations.

Understanding “Duty of Care” When Managing Corporate Travel: T&E Meets Risk Management (Part 1) [Plus +]

travel

Vendors hawking T&E software that spans travel booking and expense management claim that it is not just about policy compliance, but that it is also about the risk management benefits of actually seeing where employees (or contractors) are and, in the event of an emergency, being able to provide support as quickly as possible. Enabling this level of visibility and guidance is not just good business practice; there is also a legal angle to it, which varies country by country (e.g., the menacing sounding “corporate manslaughter law” in the U.K.). But in certain cases, T&E software companies (e.g., Concur) might engage in a bit of fear mongering as a sales tactic, as well. The stick prompts many to action more effectively than any amount of carrot.

The risks exist, of course, and in this Spend Matters Plus brief we provide a primer on managing travel and the global corporate workforce, including the requirements and limits of duty of care provisions, as well as what procurement needs to know and how far it should consider going both as good business practice and under the law. 

ClientLoyalty: Vendor Snapshot (Part 3) — Summary and Competitive Analysis [PRO]

ClientLoyalty competes in what we could most accurately describe as a “sub-sub” segment of the supplier management market. Usually such niches relegate solution providers to a small corner of market obscurity, often to build profitable businesses that go unnoticed by most. But there is actually a real potential market in what ClientLoyalty is attempting to create alongside a select number of other technology providers also focused on the management of strategic supplier relationships: a market for a true supplier relationship management solution.

While there are many solutions today that address supplier information management (SIM) and also supplier performance management (SPM), only a handful actually focus on supplier relationship management — which we are hesitant to call SRM, because the term was usurped by ERP years ago and given an entirely different meaning. ClientLoyalty is one of the few, avenging the “SAP SRM” and “Peoplesoft SRM” product names that did such an original disservice to what SRM is really about. (Hint: It’s not e-procurement!)

This final installment of our Spend Matters PRO Vendor Snapshot series covering ClientLoyalty offers a competitive analysis and comparison with other supplier management providers for shortlist consideration. It also includes a SWOT analysis, user selection guide, summary evaluation and selection considerations. Part 1 and Part 2 of this PRO research series provided a company and deep dive solution overview, product strengths and weaknesses and a recommended fit analysis for what types of organizations should consider ClientLoyalty.