SMEs ARE UNDERESTIMATING
THEIR SUPPLY CHAIN RISKS
by Stuart Spencer, CEO, Asia Pacific, Zurich General Insurance
The majority of Small and Medium-sized Enterprises (SMEs) across the globe think they are well positioned to manage supply chain interruptions, with only one in seven believing their business would be significantly impacted if they were to lose their main supplier. These are the findings of Zurich’s third annual SME survey which highlights how SMEs might not have full visibility of their supply chains and are therefore underestimating the risks their businesses are exposed to.
Zurich’s third annual SME survey, which polled 3,000 C-Suite executives and managers at SMEs across 15 countries in EMEA, the Americas and Asia Pacific, found that 55 per cent believe the loss of the most important supplier would not impact their day-to-day business. This figure is even higher in Asia; more than 78 per cent and 88 per cent of surveyed SMEs in Hong Kong and Malaysia believe there would be limited to no impact on their business operations.
The rationale behind these optimistic responses is the belief they are not solely dependent on one supplier and that any impact would be limited to a short delay in the production and delivery process until another supplier is sourced.
A separate study jointly conducted by Business Continuity Institute (BCI) and Zurich, the Supply Chain Resilience Report 2015 report, found that nearly one in ten organisations are not aware of who their key suppliers are. As many as seven in ten organisations admit to not having visibility over their entire supply chain and that half of the disruptions occur beyond the preliminary supplier of goods, therefore making it extremely difficult to establish where an organisation lies within its suppliers’ priorities. This perception comes despite 74 per cent of the surveyed organisations suffering from at least one disruption during the previous twelve months and 14 per cent having suffered cumulative losses of at least USD$1m as a result.
The above is a stark reminder that businesses in Asia are very likely underestimating the risks associated with their supply chains. There is a critical requirement for them to reexamine the way they assess their supply chains to avoid major consequences when it comes to managing the supply chain and ensuring that disruptions are minimised.
What can SMEs in Asia do to gain a better understanding of their supply chains?
Before delving deeper, we first need to be able to differentiate between the two types of supply chain risks, which are classified as ‘accidental’ and ‘deliberate’. Problems affecting supply chains are often accidental, such as the result of a fire at a supplier’s plant or a natural catastrophe. The SME survey found that such accidental risks are a common concern in Asia Pacific, with natural catastrophes and unpredictable weather being rated as top three risks, higher than in any other region.
An example of a deliberate supply chain risk is the production of counterfeit goods that look like established brands but are in fact not produced under the same quality guidelines. This type of supply chain infiltration can put unsuspecting consumers at risk of serious injury – counterfeit medicines, for example, or even fire extinguishers. Deliberate tampering of a supply chain is when risks can quickly become much more complex.
Companies can take action to increase their ability to safeguard against these risks. At Zurich, we have found that increasing visibility along supply chains and resilience can be major sources of competitive advantage.
Zurich’s top five tips to accessing your company’s supply chain
(1) Keeping abreast of complex supply chain risks
Zurich recommends that companies map their supply chain from the level of raw materials all the way through to the endconsumer and analyse the related risk exposures in detail. Zeroing in on the flow of intermediate and finished products in the supply chain, companies should also examine their product security strategy. Analysing ‘blind spots’ in the supply chain helps to develop strategies to increase the resilience of a company in the event that an infiltration incident occurs. Supply chain visibility requires mapping a company’s network to really know who a company’s suppliers and distributors are, and how supply streams create critical risk exposures and interdependences.
(2) Managing ‘traditional’ supply chain risk exposures is also part of the process
Standard ways to do this include looking for weak points, such as placing too much reliance on a single supplier. Once all suppliers and sub-suppliers have been identified, these need to be monitored, and binding standards have to be enforced – in these efforts, some companies work with external companies specialised in fraud detection and protecting against such risks.
3) Risks in the logistics chain also need to be addressed
Logistics hubs increase risk exposures. This is especially true in free-trade zones, which may offer criminals easy inroads into supply chains. Some bodies are active in helping to mitigate these risks, which can also be associated with terrorists: the World Customs Organisation (WCO) has adopted standards that include those aimed at increasing global supply chain security. Protecting intellectual property rights in the relevant markets is required to take legal action against counterfeiters. However, SMEs in particular often fail to take the necessary precautions to protect intellectual property when doing international business.
(4) Keeping close contact with consumers
This is another way to spot problems and learn where they might arise; customer hotlines, a dedicated email address and social media can help. Companies must also respond quickly and credibly when a problem arises, especially when a problem puts consumers at risk. The way a supply chain crisis is handled can make or break a company.
(5) Enhancing product and supply chain security
Measures to make companies more resilient to supply chain risk include taking a close look at all parts of a supply chain, doing a ‘security threats analysis,’ and increasing ‘company-wide awareness.’ It is crucial to select a security technology solution only after a holistic analysis of what is exactly at stake, which security threats should be addressed, and what the related constraints, direct costs and indirect costs are.
However, these are only the internal controls companies can take to mitigate supply chain risks. Beyond engaging with a company’s own internal resources, policymakers also need to be educated regarding the risks of product counterfeiting and tampering and how the legal and regulatory frameworks can help to discourage them. Key public policy issues in this context include the need to protect intellectual property rights to foster innovation as a key economic driver, and above all, to ensure consumer health and safety.
Ultimately, companies need to do what they can to become resilient, meaning they are adequately prepared to absorb shocks, recover, and become operational again as soon as possible.