Even risks like COVID-19 can be foreseen

The first ‘Webinar Wednesday’ of February 2021 was all about supply chain risk and resilience. It is a topic that needs urgent attention because many companies do not have an effective approach to supply chain risk management (SCRM), according to a recent study by Fulda University of Applied Sciences in conjunction with the German Association for Supply Chain Management, Procurement and Logistics (BME). So what can be learned from this research? And where should you start if you don’t want something as ‘unpredictable’ as coronavirus to take you by surprise again in the future? Incidentally, the pandemic and the associated supply chain risks were actually predicted with considerable accuracy back in 2012.

By Mirjam Hulsebos

The disaster at the Fukushima nuclear power plant in 2011 caused supply chain disruption worldwide, mainly among second and third-tier suppliers. One might expect companies to have learned from that and to have improved their view of what is happening further upstream in the chain – but unfortunately they haven’t, as the first wave of the coronavirus pandemic illustrated all too clearly. This picture is confirmed by the SCRM research conducted by Fulda University of Applied Sciences and BME. It reveals that, although companies are investing in tooling and processes, they are still failing to pay sufficient attention to aspects such as culture and organization. Since these aspects play a key role in the optimal use of the processes and tooling, the results of their SCRM activities remain sub-optimal.

COVID-19 is not a black swan

Prof. Dr. Michael Huth from Germany’s Fulda University of Applied Sciences was involved in the study, which was conducted in May and June 2020 among 214 companies in Germany and Austria. He kicked off the webinar with an observation: “Many people think that COVID-19 was a black swan event, but nothing could be further from the truth. In our professional circle, there were already warnings about a worldwide pandemic as long ago as 2012. The information included a very detailed description of how such a pandemic would unfold and what the impact would be on global supply chains. If you compare that description against how the coronavirus pandemic panned out, 80% of the scenario mirrored reality. All this knowledge was available publicly, so any companies that say the pandemic caught them off guard simply didn’t do their homework.”

One thing that struck him was that medical supply chains faced the biggest shortages in March and April. “Virologists had been warning of new infectious diseases for years, but that knowledge didn’t get through to their colleagues in the purchasing departments of hospitals – simply because doctors have really never thought about things like supply chain, and purchasers didn’t think about a pandemic. If coronavirus has changed anything, it’s that everyone now realizes our profession exists, even stay-at-home moms who suddenly discovered that they couldn’t shop for toilet paper in March.”

Lack of insight into second and third-tier suppliers

The SCRM survey was held during the period when most organizations were assessing the damage caused by the first wave of the pandemic. It shows that in most companies the purchasing and logistics departments are the ones most likely to think about supply chain risks, and only 20% of organizations have an independent SCRM function. In 80% of organizations, it is “a secondary task” for buyers and logistics professionals. This is mainly due to two reasons: the fact that the subject is not top of mind among senior executives (“although that will no doubt have changed by now,” chuckled Huth) and that companies associate risk mitigation with additional costs, which conflicts with their substantial investments in a lean approach.

The study also shows very clearly that most companies do not look beyond their first-tier suppliers, with only 40% saying that they also consider the second tier. “And we don’t think that all of them do that in reality, because our survey only asked companies what they do and not whether and how they actually do it,” said Huth. So these results probably mean that 40% will look at the second tier when sourcing some goods, but by no means for all products. Moreover, most companies have no idea what goes on even deeper in the chain, at the third and fourth-tier level.

Huth and his colleagues also researched supply chain maturity. At first glance, the respondents seem to be fairly evenly distributed across the five stages. “But the question is, how much value can we put on this? For example, in the survey we had two respondents from the same company. One described his company as very mature in this area, while the other said SCRM was still in its infancy,” explained Huth. This didn’t surprise him, he said: “Senior executives often have a significantly rosier view of the situation than their colleagues in operations.”

Nevertheless, it is interesting to look at companies’ assessments of their own maturity in terms of the four different aspects: culture, organization, process and methods. “The first two are much harder to achieve than the last two, but they are the prerequisites,” commented Huth, which is why it is concerning that the companies score much higher on processes and methods than on culture and organization. “It’s not just about setting up a process or purchasing tooling. What matters is that SCRM becomes part of your culture, that you make people responsible for it and that those people also have far-reaching decision-making power. As long as that doesn’t happen, nothing will change at the core and companies will continue to focus on short-term costs instead of long-term profit.”

Using machine learning to predict risks

With that thought fresh in their minds, the webinar viewers then listened to Harold Nitschinger, co-founder and managing director of Prewave. This start-up specializing in SCRM and spin-off from the University of Vienna uses machine learning algorithms to fully automatically search through tens of thousands of sources – such as news websites, social media posts and blogs – in more than 50 languages for news that holds predictive value for supply chain risks. The risks are classified into eight groups. The first four are fairly easy to predict: fluctuations in labour markets, political unrest, the financial health of companies, and legal situations that cause unrest. “Things like strikes, trade restrictions or corporate solvency problems can be foreseen a long time in advance. We continuously monitor these risks and assign a probability to them: the probability that a strike will break out at a port, the probability that a company will go bankrupt… That gives our customers plenty of time to look for alternatives,” explained Nitschinger.

The second group of risks occur unexpectedly, such as factory accidents, CSR incidents, natural disasters and cyber risks. Historical data can’t be used to predict when such a risk will occur, but it is possible to estimate the probability that a company will fall victim to a particular risk, such as because there have been frequent data breaches or because the company is located in a hurricane-prone region. In addition, an immediate alert that an incident in the third tier will jeopardize deliveries to suppliers further downstream can save valuable time. He gave the example of a factory in Bergamo: “The whole of Italy went into lockdown on 23 March, but the manufacturer in Bergamo decided to shut down earlier, on 16 March. We informed customers as early as 9 March that the factory closure was imminent.”

Assessing the risks

In conclusion, it is impossible to mitigate every conceivable risk in advance because that would simply cost too much. However, it is wise to identify all the risks – including the downstream risks as well as the upstream ones – and calculate their impact. You can further minimize the chance of a disruption in your supply chain by also ensuring that you are alerted to those risks you choose not to mitigate at the slightest indication that they might occur.