As companies look to pivot from the pandemic, their focus of attention is turning towards building sustainability in supply chains

The unprecedented level of disruption caused by the global pandemic has had a lasting impact on business continuity and supply chain management.

While the focus for many businesses over the past year has been on stability and resilience, there has also been a shift to better understand the new factors that are relevant in supply management.

Publicly-listed companies will already be familiar with the requirement to manage and report on their own sustainability. The impact from their operations on the environment and society at large is now regularly measured and assessed through Environmental, Social and Governance (ESG) scores, and these in turn are heavily scrutinised by investors and the press alike.

The financial markets have put a premium on companies that operate in a sustainable way. Research from McKinsey suggests that C-suite leaders would be willing to pay a 10% premium to acquire a company with a positive ESG record.

The downside is that companies will also be held accountable for ESG-related scandals that involve third parties within their supply chain, which, for some industries, can be up to 98% of their exposure to controversies.

Well-known retailers have felt the negative impact of poor working conditions for employees at their suppliers. And we have seen regulators frequently hold corporates accountable for the actions of third parties – the SolarWinds hack is one example where we are yet to see the full extent of the regulatory response.

Growing regulatory scrutiny

The level of risk lurking in supply chains is not always obvious from a company’s ESG rating. And to complicate matters further, our own research suggests that a large proportion of companies do not fully understand their own level of exposure. A survey by Refinitiv shows that up to 43% of third parties are not put through any form of due diligence checks.

The lack of awareness has led to calls by activists and investors for more to be done. The European Union is introducing a new Supply Chain Due Diligence Regulation later this year incorporating mandatory human rights and environmental due diligence.

While the concept of building sustainable supply chains gains momentum, there is a lack of reliable data to benchmark suppliers and third parties. And in many instances, there is no formal contractual obligation to encourage sustainable business practices within supply chains.

The lack of data is compounded by that the fact that a large proportion of supply chains consist of private companies. Larger corporates that want to better understand their suppliers frequently find less emphasis placed on ESG awareness, procedures, and policy the further they move down the chain of suppliers.

Consequently, for most, achieving sustainability in the supply chain is done on a best-efforts basis but there is a need to validate what their suppliers are telling them through external or third-party conducted due diligence.

So, what can be done? Forward-looking organisations focus on determining not just the amount of data but also the type of data their supply chain resilience plan requires. There is an emphasis placed on sustainability and ESG factors in risk management, but appropriate due diligence also includes cybersecurity and credit ratings, as well as data related to identity, integrity, financial, and operational and quality risks.

From the tangible to the intangible  

Supply chain risk has historically focused on geo-political and logistical threats, today it’s more likely to be cyber risk, data privacy and information security keeping the C-suite awake at night.

Risks change and evolve quickly and so staying on top of them requires ongoing monitoring and evaluation.

To that end, it is important to identify and actively manage the risks your company cares about and to find ways of benchmarking suppliers. When taking an inventory of the risks you view as critical, recognise that some of these may have evolved.

For instance, where previously your company may have been focused on sanctions risk, does a data privacy breach now pose a greater threat? Alternatively, if financial stability of a supplier is a risk factor and you see performance is tailing off, then should you also be checking other risk factors – such as whether the supplier is still maintaining its commitment to diversity and inclusion, for example.

When it comes to analysing suppliers, many of the companies we work with use a risk-based approach to determine their criticality and employ an assessment process that can be defended.

Depending on the nature of your business, a substantial proportion of your suppliers may be low risk, but that doesn’t mean that you don’t have an obligation to perform a level of due diligence; the depth and frequency of that analysis should be aligned to the risk they present to you and how important supply chain sustainability is to your business goals.

While issues exist on gathering data related to private companies, there are providers that gather and maintain data that can be dynamically monitored. Structured due diligence can then be performed on the proportion of suppliers that are viewed as critical, where external research can be leveraged in the assessment process.

The road to future-proofing supply chains against disruption will require a more structured and data-led approach towards dynamically mitigating risk. It also entails aligning the priorities of the third parties in your supply chain to the sustainability goals of your own organisation.

Focusing on these factors in the management of your supply chain reinforces your role as a reliable and trusted service provider in a competitive market and ultimately adds to the value of your business.

Charles Minutella is head of Refinitiv Due Diligence at Refinitiv, an LSEG business.