Managing risk through contracts
Continuing my theme of the role of contracts in the management of change, another example is in the field of supplier selection and ensuring that a trading relationship does not result in reputational or regulatory exposures.
Many organizations are struggling with how best to include this risk in their overall processes. The challenges they face include how best to identify risk severity, how to then incorporate identified risks into supplier selection and the process for on-going governance and oversight.
McKinsey illustrated this growing need in a recent article that discusses supplier risk and suggests a six-step plan for its management. They use the Financial Services sector as an example since the need there is especially extreme. Interestingly, I find the McKinsey view rather inward-looking. It makes no mention of how the trading relationship itself might be impacted, except in the most generic terms, and it does not discuss the extent to which implementation requires fundamental changes to the contracting process and terms (surely, if nothing else, making this a seven-step plan). Nor does the article consider the responsibilities – or opportunities – that today’s regulatory environment offers to suppliers and the fact that the best of them will be competing on their superior compliance capabilities.
In the end, improved supply risk has to be tackled through the contracting process. For example, having identified sources of potential exposure and their severity, they need to be incorporated into business requirements and supplier selection. The weighted factors for choosing a supplier must change dramatically – price becomes far less important than reliability and capability to avoid reputational or regulatory exposure. These criteria then flow through into contract terms. Whereas the finance industry cannot absolve itself from risk, it will certainly expect suppliers to make commitments in at least two key areas:
1) through terms that enable high levels of transparency on operational quality. These will include things like rights of audit, communication and reporting procedures, revised KPIs, shared approaches to problem resolution – in fact, many of the factors we use at IACCM to define ‘relational contracting’. Most of these are measures to reduce risk probability.
2) increased allocation of risk consequence. Inevitably, the customer will want suppliers to feel the pain if their actions – or inactions – cause an exposure. This drives towards tougher negotiations on the traditional areas of liability, indemnities, liquidated damages etc.
What does this mean for broader contracting strategies? One thing we are observing is that customers are becoming better at segmenting their supply relationships. They need to ensure greater rigor for those suppliers who represent the highest risk. On the other hand, they cannot afford to spend so much time on negotiating with the low-risk suppliers. So the smart approach is to relax some of the onerous risk terms at the low end (and reduce the need to negotiate) and to focus efforts on the high end.
For suppliers, the opportunity is to differentiate through superior performance capabilities. In general, these customer concerns tend to favour the bigger suppliers because they share an obvious interest in avoiding reputational damage and they have the resources to build capabilities. But in a sense, big companies also face greater problems. Their very size can make it difficult to maintain full oversight and ensure integrity throughout their operations. Overall, suppliers must design operational quality into every step of their procedures and those who pro-actively offer superior reliability and governance can win new business. That superior reliability and governance is primarily evident in one place – the contract.