Of the many laws that affect the international outsourcing space, one of the most important must be that of diminishing returns. At its heart outsourcing is about efficiency – a provider can only offer a decent value proposition, and turn a profit, if it can achieve a desired output more efficiently than can a would-be buyer of its services – and yet there’s only so much money in the hypothetical pot to invest in driving efficiencies: as a very basic example, if one can spend $x to achieve 10% savings, by the fifth investment of $x the savings made are only around 60% of what was achieved with the first tranche. The returns diminish. After a while, it becomes less and less worthwhile to invest $x in that project, when the same amount put into another deal can yield significantly more.
Finding the right balance between investment and returns (and knowing where is the line beyond which further investment will yield returns too paltry to justify) is vital in any business, but especially one as efficiency-based as outsourcing, where relationships have historically often featured buyers demanding constant and consistent efficiency gains and savings – and, moreover, where the necessary investments in technology and people can be gigantic. Hence the desire on the part of providers to share the value gained by any given investment across as many clients as possible – and the complications resulting from buy-side demands for bespoke work and customisation without a simultaneous understanding of why this of necessity means higher costs, which need to be passed on somewhere, somehow…
The global regulatory environment is heating up – and not just because it's summer. As government enforcement actions capture headlines, corporate leaders are rightfully concerned about whether their due-diligence strategy can hold up to the increased scrutiny. Richard Girgenti, KPMG LLP's National and Americas leader for Forensic Advisory Services, wrote in an article in Metropolitan Corporate Counsel recently, that the rapid and ongoing nature of regulatory changes, the array of agencies involved in bringing enforcement actions and the aggressiveness with which they are enforcing such actions are resulting in "record fines and penalties, class action lawsuits, lost earnings and reputation damage." Girgenti would know, having more than three decades of experience – not just in advising organizations but in conducting investigations and overseeing policies on the enforcement agency side of the coin. So, what does he see as some of the top of mind issues for corporate leaders who want to stay out of hot water with regulators?
Three Enforcement Areas that Demand Enhanced Due Diligence
Mark Dunn, Segment Leader, Entity Due Diligence and Monitoring, LexisNexis
Two weeks ago my daughter was diagnosed with Type 1 diabetes. It rocked my world. We've been blessed with four healthy and happy children and frankly haven't had many concerns when it came to their well-being. But there we were at a regular doctor's appointment, being told that our daughter, Hayden had blood glucose levels that were so high that we needed to go directly to the hospital. It doesn't run in my family, so it wasn't a condition I would have ever thought would "happen" to us. But it did. And now for the rest of her life, my little girl will be dependent on insulin to do what her pancreas cannot. For several days, I wondered what I could have done to prevent this diagnosis. But in the case of Type 1 diabetes, the answer is...nothing. It is non-preventable and currently non-curable. But it did make me realize that I could become more aware of the risks associated with it. I could tap into every person I know with first-hand experience, including one of the best resources I could find, my own CEO Dawn Evans whose daughter has been diagnosed for 10+ years. Through Dawn and every contact, website, blog and organization I could find, I could educate myself on the possibilities associated with a Type 1 diagnosis, and prepare myself for what MIGHT happen down the road. In much the same way, companies that engage in global sourcing strategies must also be aware of the risks and understand how to mitigate them. At our upcoming Global Leadership Summit in Fort Worth, we have many sessions focusing on this topic. Companies engage in global sourcing because the benefits are thought to be greater than the risks. But understanding the risk categories, weighing the possible outcomes and coming up with a risk mitigation plan can help companies find the balance between lower cost and higher risk.
The issue of Supplier Risk Management has been in the news recently. In January, Wal-Mart released its 'Ethical Sourcing Update,' wherein it announced, amongst other changes, a new zero tolerance policy for suppliers that used unauthorized subcontractors. The new policy was in response to the fierce criticism that Wal-Mart received in November 2012 after a fire in a Bangladesh garment factory claimed the lives of 112 workers. In that case, Wal-Mart claims that the factory in question was used without its knowledge and that it had stopped authorizing production there. The rise of highly fragmented and global supplier networks has necessarily lessened the amount of control that any company has over its supplier network. Accordingly, Supplier Risk Management is a growing discipline that is receiving increased attention. Current globalization trends only serve to reinforce the need for a dynamic, fluid and strategic Risk Management program. A recent but already classic example of poor Supplier Risk Management involved the hard disk drive industry. The industry was highly concentrated in Thailand, with over 1,000 factories operating in the sector. In late 2011, the country experienced a particularly strong monsoon season that caused widespread flooding. The flooding set back hard disk drive manufacturing for months and caused global prices to increase approximately 10%, affecting PC sales worldwide. It was almost a full year before production returned to pre-flood levels. The classic methodology utilized in approaching Risk Management hinges on three core work streams: Risk Analysis, Risk Assessment and Risk Mitigation. At the highest level, the goal is to determine the probability of a negative outcome, determine the impact of such an event and introduce measures which will lessen the impact.
Patrick Reymann, Director, Strategic Sourcing Operations, Corbus
I just finished viewing insights from Risk Expert Joe Yacura of ISG, in the video, Supply Chain: Understanding The Risk Factors. This was an excellent, less-than-30-minute overview of supply chain risk management that I enjoyed with my bagel and tea. Joe discussed the critical nature of supply chains and the sources of risk, and he made some recommendations on how to harden the supply chain, specifically addressing cyber-attacks. A company’s supply chain and it's criticality to the company’s reputation is more evident as the sources and frequency of risk increase. Joe defines supply chain risk simply as "the disruption of the flow of products or services that meet the requirements [of the company]." Consumers and regulators alike want greater transparency into supply chains, with a better understanding of vulnerabilities, and as a result we are seeing an increase in mandates for company supply chains. Major sources of risk include weather, natural disasters, product reliability and consistency, counterfeit information and misrepresentations. Let's consider some of those risks: weather...who among us thought Manhattan could be so vulnerable until Sandy hit? How many of us, our hearts aching for the victims, were also concerned about our financial institutions and information, servers and files drowning in rancid water? Were there back-ups? Was my credit card statement floating in Battery Park or the basement of the bank I use? Cyber-attacks: wow, even the New York Times went down recently. If they can lose their bread and butter who else can be hit?
Mary Zampino, Senior Director of Global Sourcing Intelligence, SIG