Back to Hub

Making Sense of Supply Risk Management Solutions (Part 4) — Supplier Financial Risk Monitoring Services

07/31/2020 By

In previous installments of this Spend Matters PRO series, we outlined the overall segments of the supply risk management market and then began diving into the supply chain risk management segment and the overall supplier risk management area with a focus on risk management within a supplier management context that sits within the broader area source-to-pay (S2P).

For most procurement leaders though, supplier risk management can be a daunting problem to tackle if looked at truly holistically and strategically — especially when those leaders are not always measured on supply risk. In fact, in a research study that we did a few years ago with over 200 procurement professionals, we found that 53% of them weren’t even measured explicitly on reducing supply risk.

That said, no CPO wants to be caught out if a critical supplier goes bankrupt, and this is why a higher percentage of firms will perform a subset of supplier risk — supplier financial risk monitoring for critical suppliers. In fact, CAPS Research came out with a metric in April citing that 72% of surveyed firms (which tend to be large enterprises) are currently using third-party tools to monitor the financial health of their suppliers. The knowledge of which suppliers are struggling also helps illuminate other supplier performance areas that are likely being impacted: innovation, risk reduction, etc. It’s not just a supplier “death watch.”

These tools (which are really more data services than tools) are the ones that we’ll now delve into. And the timing couldn’t be more critical given what’s happening with the COVID-19 pandemic and the impact that it’s having on so many suppliers right now — especially smaller / private suppliers that don’t have strong capital reserves to weather the prolonged crisis that looks to be hanging around for at least another 12 months.

The market for supplier financial risk monitoring is especially challenging because it’s complex, poorly regulated and not well understood — and this leads procurement leaders to make suboptimal choices (improper scoping, generic sourcing strategies, using “safe”-but-expensive incumbents, etc.) — leaving them underprotected and/or overpaying (sometimes over six figures annually!).

We’ll spend the rest of this installment time helping readers understand this market a little better and how to approach it more deliberately and effectively. We’ll also analyze some of the pros and cons of using various providers’ strategies and specific providers such as Bureau Van Dijk, CreditRiskMonitor, Cortera, Dun & Bradstreet, Equifax, Experian, FICO, RapidRatings and others.

Overview of Supplier Financial Risk Monitoring

This is the “classic” risk sector, dating back over 20 years, with D&B being the largest and most well-known provider. (That actually goes back 120 years!) As a side note, D&B just went public, again, having been taken private back in 2018 by investors who’ve been cost-cutting and looking to get a “pop” in the market.

Most vendors in this sector aggregate/solicit company financials, B2B trade data (if available), and “firmographic data” (data used to categorize firms, such as industry, geography, company size/type, etc.) to predict and monitor supplier financial health.

While regulated bond ratings agencies like Moody’s, S&P and Fitch will issue bond ratings to help potential investors evaluate a firm’s potential risk, they’re not well-oriented toward supplier financial risk monitoring, which requires both independent coverage of smaller/private firms and also an ability to perform ongoing timely monitoring. Of course, they can still be an input to use if the finance department subscribes to one of them.

Example providers: CreditRiskMonitor, Cortera, Dun & Bradstreet, Equifax, Experian, FICO (previously Fair Isaac), RapidRatings

The supplier financial risk monitoring market is primarily a DaaS (data as a service) value proposition, with the data being a financial risk score that is somewhat similar to a credit risk/rating score (i.e., a measure of risk), although slightly different because supplier risk scoring is about monitoring the health of strategic supply partners rather than a credit rating that helps set tactical short-term borrowing limits.

These providers’ services are often purchased for use of customer risk/credit assessment on the sell-side (which is understandably a larger market). As such, this market is partially served by business credit rating agencies like Experian and Equifax (and D&B of course). The input factors into business credit ratings can be an important input into determining supplier financial health — if those inputs are available, accurate and timely. But, it’s only one input to a broader picture.

Market Dynamics

Before discussing any providers in the market, it’s critical to understand the issues and dynamics with this market:

  • The first problem with B2B credit ratings is that the industry is not regulated in the U.S. like consumer-facing credit bureaus. This can lead to poor oversight and shady business practices. Just do a web search on “D&B Credibility lawsuit” (or check out D&B customer reviews on BBB.org) and you’ll get a flavor of this. I’ll cover D&B more specifically in a moment.
  • Major credit bureaus do tend to focus more on the U.S. than on global coverage.
  • Financial statements are obviously good inputs into financial health scoring, especially if analyzed properly (and using more sophisticated algorithms than just calculated using an Altman Z score), but only a subset of firms are public and/or are required to disclose financials in their respective countries.
  • Private company financials aren’t often reported willingly unless buyers ask suppliers directly for it, the buyers are strategic and trustworthy, and/or a third party like RapidRatings can be engaged to collect the financials and report out a rating without disclosing the underlying financials.
  • Data such as financial statements can get stale quickly, but still be used (e.g., a public company that goes private) many years beyond the data’s relevance. Aggregated data can also be duplicated/fragmented across many corporate IDs depending on how the company name and address are listed.
  • Trade data (sometimes called “trade experiences”) is the operational “data fuel” for powering trade credit calculations — just like with personal credit score calculations. But B2B trade data is trickier because most of the spend flow of B2B trade data is “dark” — i.e., proprietary between the trading partners and not reporting externally. And this darkness usually ends up degrading data quality, which in turn makes it less predictive and often harmful when it generates “false positive” alerts that waste buyer/supplier time and even supplier health if buyers over-react to the alerts. However, there are a few exceptions to this commercial data darkness:
    • Some of the issuing banks for commercial cards (p-card, t-card, v-card, etc.) will sell their data to the credit bureaus. This can help see how timely your suppliers are in paying their bills to those banks for that tactical spend segment. For very small suppliers, this insight (and that gleaned from the owners in proprietorships and partnerships) can be useful. Experian does this, but FICO, the provider of the consumer FICO credit score, goes one step further by synthesizing the owners’ FICO personal scores with a combination of the other three main B2B credit bureaus (Experian, Equifax, and D&B). Also, some alternative lenders (e.g., firms like Lending Club, Prosper, etc.) will have similar agreements of sharing trade information, but they’re not yet a major input here.
    • A few hundred major suppliers (e.g., major suppliers of office products, MRO, online marketplaces, gas companies, etc.) will also do the same and report “trade experiences” to the credit bureaus (likely in return for commensurate services).
    • Some providers focus on specific vertical industries and are not included in this report.
  • If credit ratings providers have limited information about a supplier, some will use that lack of information as a strike against that supplier and then “encourage” the supplier to enhance/build its credit profile (often for a fee). The firms may also use firmographics as a way to estimate risk based on aggregate average financials of the firm’s market (e.g., you don’t need to see the financials of your private suppliers in the travel category to know that they’re hurting right now).

All the providers in this market don’t just provide risk/credit scores (and rule-based alerts based on the scores or input factors). They also provide basic business profile information and may aggregate and publish public or pseudo-public information on liens, judgments, etc. However, the data quality will be highly variable based on the points made earlier. This example from Experian is fairly typical. These firms may offer single free reports themselves or through intermediaries / channel partners. It’s a no-brainer to recommend having suppliers pull their business credit profiles and make sure that their basic information is accurate, but those suppliers should be wary of the sales processes that get kicked off at these firms to then aggressively sell trade credit building services. It’s also fun to do this with your own company (or competitors) and see what comes up — but of course, ahem, always check with your credit/finance folks.

In terms of the scores/indexes themselves, the providers generally utilize proprietary methodologies to create risk scores/ratings based on trade data (as mentioned earlier), financial statements (if available or obtained for rating purposes), completeness of credit profiles, and firmographic data. A few are also trying to add more sophisticated sentiment analysis based on social data like LinkedIn and other unstructured/semi-structured data. Note that for private-equity-backed private firms, there are numerous intelligence firms such as Crunchbase, TechCrunch, CB Insights, Owler, Tracxn, Pitchbook, PrivCo, DueDil (good in Europe), Zoominfo and others that can be useful here.

Market Segmentation

As mentioned, the primary segment here are the B2B credit rating agencies, namely the big ‘3’ of Experian, Equifax and D&B. FICO also provides derivative scoring with its SBSS. Experian and Equifax are very similar in that they sell to corporate finance folks in treasury/credit with a focus on customer credit limit calculations — not on supplier risk. This is where D&B has established its dominance by focusing explicitly on buy-side financial risk scoring requirements that transcend traditional credit scoring used by Finance.

A Few Thoughts on Dun and Bradstreet (D&B)

D&B really requires a separate vendor analysis because of its market position, complexity of its services portfolio, and its service breadth beyond supplier financial risk scoring. Its service portfolio breadth and focus (including very overtly on procurement and supply chain) is its key differentiator: one-stop shopping where a CPO can subscribe to its various permutations of ratings/scores (i.e., credit-centric ratings and broader supplier risk scoring), but also its portfolio of other solutions related to:

  • entity de-duping (via DUNS number and corporate parentage hierarchy)
  • enrichment of business profile info and other info like diversity
  • broader supplier/supply risk monitoring
  • supplier risk surveys (supporting a “know your vendor” use case for third-party risk management)
  • partnerships with all sorts of S2P tech apps and networks

The problem with D&B and its complex portfolio of similar supplier financial risk scores/ratings (e.g., “D&B Rating”; “Supplier Evaluation Rating,” “Failure Score,” “Viability Rating,” “Delinquency Score”) is that it’s heavily biased toward the availability of company information and company trade data (e.g., via its “Paydex Score”) that it’s able to access. For example, the following type of firm will get great scores: a large U.S.-based supplier with a long business history and an active upkeep of the D&B record, including cherry picking its most timely-paid suppliers to report to D&B with its payment performance. Of course, this is assuming that it’s not generating adverse public filings and slowly going out of business because of deteriorating financials (especially for private firms).

But for smaller, newer, global and/or private firms without this public “digital footprint”, D&B doesn’t have much information, and that lack of information somewhat penalizes the supplier because D&B doesn’t have the intelligence. Of course, D&B will happily allow the supplier to fix this by building its record and then monitoring it with its fee-based credit building services, but this upselling process by specialized D&B business units (e.g., its CreditBuilder unit) has been the reason for multiple class-action lawsuits over the years. There is also an active FTC investigation (related to unfair or deceptive acts or practices) cited in the firm’s recent S-1 filing. This unsavory aspect to D&B (and its history of “creative strategies” on the right hand side of the balance sheet) is too bad, because the firm does have so many great things going for it.

So, to net it out, D&B provides broad-based supplier intelligence (e.g., see an example report here), but the two main deficiencies in D&B’s intelligence to actually predict supplier failures (and also hopefully not generate too many “false positive” alerts) is related to 1) developing robust predictive analyses based on actual financial performance and 2) a better way to gather timely/accurate “payment experiences” trade data.

This is what a few niche competitors are addressing. They include:

  • RapidRatings’ specialty is performing robust financial analyses and developing predictive analytics on company financials to create its Financial Health Rating (FHR) and associated content such as its slick NLG-aided Financial Dialog Reports that we wrote up previously here. RapidRatings focuses heavily on enticing private companies with a “win-win” offer to rate them (which provides great insight to them as well through the lens of financial metrics/ratios) and share that financial health rating to trading partners without having to submit the underlying proprietary atomic-level financials (even though the large majority of suppliers do actually share the financials). This provider obtains private financials on behalf of enterprise clients and also licenses the ratings to the private companies that can then syndicate their ratings to others. Since the firm has automated its analysis (including an API), it will run a free FHR on any public company to show a prospective customer what it looks like, how it works, and how to interpret the data. So, buyers can get an example readout on a public supplier for free to check it out. For more on RapidRatings, see our previous coverage here.
  • Cortera is a B2B credit rating firm that uses community-based member benchmarking of accounts receivable data (free to data submitters, but fee-based for those who want to buy a la carte credit reports). From a buying organization viewpoint, Cortera tries to aggregate AR data from your suppliers’ suppliers who can rate how well your suppliers pay them. The firm claims to have $1.6 trillion in ongoing benchmarked spend volume, but of course “your results will vary.” Cortera primarily sells to credit risk managers, but it’s an interesting value proposition that might have some potential as a partnership opportunity with buy-side providers if the firm can broaden its view to supplier financial risk scoring and not just trade limit-focused credit scoring. We wrote up Cortera many years ago here, but like all the players, they’ve been broadening their predictive analytics scope, applying AI and so on.
  • Credit Risk Monitor (“CRMZ”), a publicly traded (OTC) scrappy provider of credit risk ratings, basically takes a dumbed down version of RapidRatings’ analytics, adds in $2 trillion of community-benchmarked spend (like Cortera does), mixes in data from the bond ratings firms mentioned earlier (and additional information from public/government data sources and also from Thomson Reuters) and then sells subscription-based insights using its “FRISK” score on roughly 57,000 publicly traded firms (and a “PAYCE” score for private firms if enough data is available to predict with confidence using the firm’s touted AI algorithms). The firm is a niche competitor that goes directly at D&B (including this interesting case study on why D&B’s “trade experiences” approach failed to predict Hexion’s 2019 bankruptcy like CRMZ did). CRMZ describes its business fairly robustly here if you want to learn more.

There are also various other niche providers that target different markets by company size, region/country and industry, such as: AM Best, Anosonia, Bureau Van Dijk (now part of Moody’s), Credit.net, Creditsafe, Lumbermens, Seafax, Tarnell, and others.

Typical ‘Solution’ Capabilities:

  • Public data aggregation, analysis and syndication of scores/ratings. Providers may also syndicate alerts from various public/semi-public filings such as legal/regulatory filings.
  • Financial risk scoring / ratings (originated via surveys and/or derived from other data sources). Can include ratings syndication by suppliers themselves once they’ve been rated (e.g., RapidRatings being the best-known specialist here).
  • Insight reports + key score drivers that are inputs into the final score / rating.
  • Historical scores and changes (and alerts based on thresholds that sometimes can be tuned by the buyers).
  • Analysis of firmographic data when individual data isn’t available — especially for private firms or when trade data isn’t available.
  • Methodology, training and personalized outputs related to the scoring/rating (e.g., RapidRatings).
  • Broader supplier risk monitoring beyond supplier financial risk monitoring (which we’ll cover in future installments of this series).

Typical Use Cases: In a similar manner to personal credit score monitoring systems, a user logs onto the system (or is “pushed” alerts via email, text, social, slack or via another API-driven service). The information can be a “pull-based” API call (e.g., to get a rating when setting up a new supplier) or a “push-based” alert when a score, driver, or piece of supplier intelligence like an adverse legal filing crosses a threshold and causes a risk alert to be generated.

Ideally, score changes / alerts happen in sufficient time for a company to take action and prevent a potential loss. Of course, the warnings may lag the event, especially given that financials-based scores are fairly heavily lagging. Conversely, many “false positives” may occur (which creates headaches for suppliers who have dozens of buyers contacting them based on such alerts), but these solutions often are used with other technology solutions and are used as a wide net and “virtual safety blanket” for monitoring key/critical suppliers that are public. For private firms, bespoke ratings will typically need to be created in concert with the private suppliers themselves (e.g., where suppliers’ ratings are shared with buyers, but not the underlying financials).

It should be noted that these supplier financial risk monitoring providers are generally “data as a service” (DaaS) providers and therefore are highly complementary to SaaS providers that can ingest this data and use it as part of broader capabilities for supplier risk management and broader enterprise risk/compliance management (e.g., “GRC”). For example, many providers partner with D&B and RapidRatings right now. The same complementary nature of this sub-sector is also true for broader supplier risk monitoring providers that we’ll address in a future installment of this series. Even so, it’ll be interesting to see to what extent large S2P tech players (with supplier networks) and supply chain finance players might partner and link up their networks with community-based accounts receivable data-sharing networks like Cortera and CreditRiskMonitor to get deeper insights that could help inject liquidity and reduce risk where it’s most needed.

Although we’ve addressed provider-specific issues, there are few practitioner-specific recommendations that we’d like to make:

  • Segment your supply base into truly critical suppliers (e.g., those with high business impact — not just high spend) to monitor in order to reduce scope and fees for the providers that you want to go deep with. However, broad-based monitoring can still be valuable to identify issues to help you plan next steps (e.g., help the supplier and/or transition away to others) and also gain intelligence that can help in negotiations.
  • Identify what you really want beyond supplier financial risk. Use diagnostic services from the providers and see what they’re willing to offer in broader risk management areas before you start narrowing your scope. They have data-driven diagnostics that can help you assess the “hit rate” of your suppliers in their databases and how they can help you size (and seize) the prize.
  • Buy your credit risk colleagues from the finance department some lunch. They are likely monitoring customer credit with one of these providers, and you can piggyback on that contract. That said, don’t get your hopes up. Credit managers think about this problem fairly tactically regarding short-term credit lines, not the broader risk of strategic/critical long-term supplier relationships.
  • Help your suppliers immediately in this process. Have them check their own credit/risk ratings with the providers and fix any data/profile issues out there — and encourage them to do a financial self-assessment and use those insights to guide them to a supply chain finance program if you have one.
  • Financials are generally lagging — so broaden your intelligence with key suppliers. For example, monitor for any signs of deteriorating performance or perhaps a high willingness to take high early-pay discounts that you may offer up.

Stay tuned for more installments as we continue to try to impart a method to this decidedly messy “mashup market” of supply risk management. And please reach out to us if you’d like to discuss this topic or others being covered in this ongoing series.