1. From avoiding risk to actively managing risk in
interconnected and complex supply chains
SUPPLY CHAIN
YOUR MOST
VULNERABLE SPOT
2. TABLE OF CONTENTS
INTRODUCTION ...................................................................................................... 2
NEW SUPPLY CHAIN RISKS EMERGING QUICKLY ............................................... 2
CHALLENGE WITH RISK MANAGEMENT FROM THE PAST .................................. 4
DYNAMIC NEW WAYS TO MANAGE RISK.............................................................. 5
CALL TO ACTION.................................................................................................... 6
REFERENCES.......................................................................................................... 7
3. 2
INTRODUCTION
Today’s interconnected global supply
chains are vulnerable to an ever-
increasing number of risks
Shipping giant Maersk blinded by a
cyberattack still struggling to restore even
basic communications like email – Wall
Street Journal 1
Chinese telecom giant ZTE to pay up to $1.2
billion for violating US supply chain trade
sanctions on North Korea and Iran –
Financial Times 2
Automotive and electronics companies in
Europe and the US suffered losses when
suppliers in Japan were unable to produce
relevant components following the Tohoku
earthquake – Allianz Global Claims Review 3
This small selection of major supply chain
disruptions that made the news recently
illustrates the struggles companies face in an
environment that Harvard Business Review
defines as VUCA: Volatility, Uncertainty,
Complexity and Ambiguity4
Supply chain professionals and researchers
have observed “VUCA” in recent years, as
well as other trends that make supply chains
more fragile.
These include:
a truly global supply chain scope
increasing numbers of involved parties
elimination of safety stock
higher expectations about service levels
In addition, a wide range of new risks is
rapidly emerging which leaves many
companies unprepared and vulnerable,
especially to upstream disruptions that can
have a major impact.
The global supply chain risk indicator shows
a steady increase of risk over the last 20
years (See Figure 1).
Leaders are now asking themselves if their
current ways to identify and mitigate risk are
enough? Or do we need a totally new way of
dealing with supply chain risk?
NEW SUPPLY CHAIN RISKS
EMERGING QUICKLY
Within the last decade, supply chains have
become extremely global and interconnected,
even for relatively basic products. As a result,
imminent supply chain risks have evolved
which did not exist before or did not have the
risk implications they do today. These can be
categorized as:
Technological Risks
Strategic Risks
Political & Legal Risks
Environmental Risks
Figure 1: Global Supply Chain Risk Index 5
“
”
4. 3
TECHNOLOGICAL RISKS
Much of the new risk comes from digitization,
the same enabler that brought
unprecedented efficiency and automation into
supply chain management. Companies are
highly dependent on their systems to manage
their operations, which means they face
severe risk from cyberattacks, data theft or
loss of control over operational systems.
Since supply chains are so interconnected,
attackers can use any supplier or vendor
within a chain as a point of entry into a
company’s systems, which has drastically
increased the number of potential attacks.
The resulting losses can range from ransom
payments, reputational loss, operational
shutdowns, fines and physical damage.
STRATEGIC RISKS
Today, companies from around the world
have a choice of suppliers as well as logistics
providers and third-party logistics suppliers
(3PL). Since distance and location are less of
a consideration, companies can choose from
a large number of logistics carriers to
optimize their costs and improve service
levels. However, this means companies are
also increasingly impacted by global carrier
market dynamics as well as demand volatility
from customers. Some recent examples of
carrier uncertainty include the bankruptcy of
the Hanjin shipping line and shortages in
transport capacity on the EMEA-APAC route.
Similarly, demand volatility makes cost
efficient distribution of goods more difficult as
the distribution network needs to be more
responsive and agile than never before.
POLITICAL & LEGAL RISKS
Free trade, intergovernmental co-operation
and legal harmonization have led to more
interconnectedness for supply chains in the
past decades. Recently, however, signs
indicate that liberal trade regimes may
become a relic of the past, either by design or
as a result of political instability. Examples
include:
Increasing protectionism even among
former advocates of free trade (think
Brexit, recent US legislation, Trump
administration positions and the judicial
overhaul in Poland).
Conflicts in regions formerly considered
stable, such as Ukraine, Turkey and
Qatar.
Figure 2: Newly Emerged Supply Chain Risks
5. 4
Such political and legal developments
suggest that trade safety in years to come is
not a given, even in the most developed
areas of the world.
Political and military interventions – which
sometimes surprise the market – can lead to
new forms of borders and barriers, such as
administration barriers, increasing duties or
trade sanctions.
For example, as a result of the Ukraine crisis,
Germany’s exports to Russia went down by
26.1 percent in 2016 compared to the year
before.
ENVIRONMENTAL RISKS
Since today’s supply chains rely heavily on a
smooth and secure flow of materials, external
factors like severe weather, theft and
terrorism have a growing significance. In
2016, cargo theft incidents were on the rise,
and terrorist activity remained a risk for the
global supply chain. Already, more than $10
billion in cargo is stolen each year 8.
These risks, together with increasing
complexity, global dependencies, and time-
to-market pressure, make supply chain
planning increasingly difficult.
Most supply chain executives understand that
the question is not “if” these risks will
materialize, but rather when they will impact
the supply chain. They have moved to
asking, “Are we ready to cope with events
outside our sphere of influence that we
cannot foresee right now?”
This calls for a shift in risk management
strategy from the notion of risk-avoidance to
one focused on managing risks as they
materialize.
Therefore, we believe strong risk
management should be characterized by two
key capabilities:
The ability to react quickly to handle a
crisis situation
Fast recovery from supply chain
disruptions
CHALLENGE WITH RISK
MANAGEMENT FROM THE
PAST
How do current risk management practices
need to adapt to the new situation?
Experience shows traditional risk
management methods often fall short in three
areas:
1. Speed (react vs. simulate)
2. Scope (silos vs. end-to-end)
3. Agility (static vs. dynamic)
SPEED
Supply chain risk managers often create their
response to a risk only after it has
materialized. Even if risk responses were
considered in advance by the organization,
managers must adapt that response to the
actual situation.
Managers must get an overview of the
situation and have clarity about the potential
courses of action – often under severe time
pressure. If managers do not have
transparency, proper analysis and the right
simulation tools, they may make decisions
that can cause more damage than the event
itself.
Figure 3: Global Cyberattacks per Year 6
Figure 4: Global Protectionism Index 7
6. 5
SCOPE
Current risk-management approaches
frequently lack a holistic view of the end-to-
end supply chain. In practice, companies
manage supply chain risks within their
functional divisions. However, a globally
interconnected supply chain requires a
holistic view of supply chain risks that goes
beyond division and company borders.
Without a view of the entire supply chain,
companies cannot identify an emerging risk
and widen their array of risk responses, such
as global reallocation of inventory.
AGILITY
Many of the risk management approaches in
use today are pre-defined in an effort to cover
all potential supply chain risks. This static
approach does not take into account the
dynamic world of global trade, in which risks
often appear where they are least expected.
Real-time monitoring of potential risks
throughout the supply chain is rather the
exception than the standard.
DYNAMIC NEW WAYS TO
MANAGE RISK
Though avoiding risk is still an important part
of risk management, especially for existential
risks (e.g. single points of failure), we
recommend a shift of focus that establishes a
supply chain that is capable of dealing with
the majority of risks as they materialize.
Eventually, this leads to a digitally-enabled
risk-management model.
We see three steps to reaching a digitally-
enabled risk-management model.
CONNECTIVITY & VISIBILITY
The first involves gaining transparency
across the entire supply chain.
To limit effort and risk in connecting supply
chain partners, you should consider a cloud
platform with integrated risk alert capabilities.
In addition, all data should be duplicated and
stored in parallel systems in case one system
is compromised.
New cloud-based connectivity platforms have
reached a level of maturity that enables all
nodes along the end-to-end supply chain to
be connected regardless of the underlying
platform.
By adding external information (e.g. on
weather conditions, strikes etc.), these
platforms can give a fuller view on the status
of supply chains, enabling supply chain
teams to take fact-based and informed
decisions to limit risk. At the same time,
cloud-based platforms can replace direct
point-to-point connections to suppliers and
other supply chain partners, limiting the
complexity in corporate interfaces and,
thereby, the number of entry points for
potential cyberattacks. The platforms can
enable companies to quickly disconnect other
parties from the system if required.
In addition, the platforms become a risk
avoidance tool, since the huge amounts of
data that are generated by individual
companies can be accessed and analyzed in
the cloud to identify and even predict risks
along the extended supply chain.
ANALYTICS
The second step involves analytics for real-
time analysis and predictions. Risk managers
should have a choice of multiple simulated
scenarios to choose from, and each should
based on real-time data.
This can be as simple as switching to the
next possible supplier, but a choice can also
lead to complex risk mitigation actions that
involve multiple partners. Managers must be
able to make fast fact-based decisions that
consider all available information and are
adjusted for potential cognitive bias.
7. 6
AUTOMATION
The third step towards a digitally-enabled risk
management model is automation.
If the supply chain were disrupted, and your
company needs to move to an alternate
supplier, it’s also a chance to add an
automated process. For instance, the order
entry at the alternate supplier could be
performed using robotics process automation
(RPA). In years to come, more complex tasks
will be able to be automated with the help of
artificial intelligence.
CALL TO ACTION
In a world of increasing Volatility, Uncertainty,
Complexity and Ambiguity (VUCA), supply
chains are more vulnerable to risk. Today,
the question for supply chain risk
management is no longer whether a risk will
materialize but when and where.
Companies can better avoid, predict and
manage risks by:
1. Establishing visibility of the entire supply
chain with a cloud-based platform solution.
2. Generating actionable insights from big
data by applying a smart analytics engine.
3. Automating as many tasks as possible
(especially simple & repetitive tasks) to
become faster in responding when risks
materialize.
If you are managing a supply chain and you
cannot answer “yes” to the following
questions, you and your company may be at
risk:
Are you sure that your company does not
trade with any embargoed country or
sanctioned party?
Do you know where the orders for your top
10 customers currently are?
Do you know which orders would be
impacted by a strike in the port of
Shanghai?
What would be the impact on sales if your
partner’s IT system went down?
Who is named to your crisis management
team?
If you answered any of the above questions
with “no” or “I do not know,” you should
evaluate how your supply chain will be
impacted by unforeseen risks.
see also our global point-of-view:
“Chief supply chain officers: Do you
know where your weakest link is?
(click here)
Figure 5: Old vs. new ways
8. 7
REFERENCES
1. Wall Street Journal (2017)
Blinded by Cyberattack, Shipping Giant
Maersk Slowly Restarts Operations
2. Financial Times (2017)
Chinese telecom giant ZTE to pay up to
$1.2bn,
plead guilty in US sanctions case
3. Allianz (2015)
Global Claims Review
4. HBR (2014)
A Framework for Understanding VUCA
5. Chartered Institute of Procurement &
Supply (2016)
CIPS Risk Index
6. Handelsblatt (2015) Infographic Cyber
Security
7. Kommerskollegium (2016)
Protectionism in the 21st Century
8. BSI (2016)
Global Supply Chain Intelligence Report
9. 8
AUTHORS
For more information about this position
paper, feel free to contact the authors:
Michael Dittrich
Accenture Strategy
+41 44 21 95678
Michael.Dittrich@accenture.com
Matthias Mentschel
Accenture Strategy
+49 175 57 63704
Matthias.Mentschel@accenture.com
Christian Meissner
Accenture Strategy
+49 175 57 66259
Christian.Meissner@accenture.com
Julius Ludewig
Accenture Strategy
+49 152 55 480858
Julius.Ludewig@accenture.com
ABOUT ACCENTURE
Accenture is a leading global professional
services company, providing a broad range of
services and solutions in strategy, consulting,
digital, technology and operations. Combining
unmatched experience and specialized skills
across more than 40 industries and all
business functions – underpinned by the
world’s largest delivery network – Accenture
works at the intersection of business and
technology to help clients improve their
performance and create sustainable value for
their stakeholders. With more than 394,000
people serving clients in more than 120
countries, Accenture drives innovation to
improve the way the world works and lives.
Visit us at www.accenture.com.
ABOUT ACCENTURE
STRATEGY
Accenture Strategy operates at the
intersection of business and technology. We
bring together our capabilities in business,
technology and operations strategy to help
our clients envision and execute industry
specific strategies that support enterprise
wide transformation. Our focus on issues
related to digital disruption, competitiveness,
global operating models, talent and
leadership help drive both efficiencies and
growth. For more information, follow
@AccentureStrat or visit our website:
www.accenture.com/strategy