Supply chain risk management: looking back on 2022 & preparing for 2023

141 Views

In 2022, it became clear that effective supply chain risk management (SCRM) is not a luxury but a necessity. The year saw numerous disruptions to global supply chains, including the Russian invasion of Ukraine, the Log4Shell vulnerability, and concerns over rail strikes. These disruptions were compounded by the added complexity of new regulations such as the Uyghur Forced Labor Prevention Act (UFLPA). It is not surprising, then, that 79% of boards believe that improving risk management will be crucial for creating value in the next five years.

As the risk and compliance environment continues to evolve in 2023, businesses must prioritize robust SCRM and third-party risk management to protect their operations from future challenges. To do this, companies need access to the data and tools that enable them to proactively strengthen their SCRM posture. By taking action now, businesses can be better prepared for whatever the future may bring.

2022: The case for SCRM

In 2022, the global supply chain faced numerous disruptions, testing the resilience of almost all businesses. In February, Russia’s Ukraine invasion resulted in significant and immediate effects on personnel, with longstanding effects on the global economy, vendors, and supply chain that are still being felt today. Following the invasion, companies needed to quickly ensure the safety of personnel on the ground, then look to their suppliers to see the full impact of the invasion on their company. Adding to the complexity came the subsequent global sanctions on Russian entities and businesses, with organizations quickly working to identify the impact of cutting ties with sanctioned entities. The swift action required demonstrated the critical nature of supply chain visibility and robust SCRM processes that would allow businesses to respond quickly.

Throughout the year, cyber supply chain vulnerabilities became a major concern. In September, Microsoft confirmed two zero-day vulnerabilities, and earlier in the year, the Log4shell incident showed the impact that widespread vulnerabilities in a company’s software supply chain can have. Without access to real-time cyber exploration and monitoring tools, impacted vendors are difficult the detect and analyze. Firms globally have found it difficult to quickly respond to, asses, and mitigate these vulnerabilities in near real-time without the use of technology enabled tools.

Regulatory action, such as the UFLPA in the US and NDAA 889, has placed greater pressure on businesses to have visibility into their supply chains. The UFLPA requires companies to perform adequate due diligence on their suppliers to ensure they are not importing goods made from forced labor in the Xinjiang region of China. NDAA 889 prohibits government contractors from providing telecommunications and surveillance goods from certain Chinese entities to the federal government. In both cases, it is the responsibility of the business to comply with these regulations, which has emphasized the importance of supply chain risk management (SCRM).

2023: What is to come 

The effects of an economic downturn are already felt across the globe today and will continue in 2023, leaving SCRM in a tricky position. In the U.S, the impact of an economic downturn is already evident with over 88,000 layoffs in the tech sector this year. As the economic downturn persists, companies will look to cut costs and as such, run a leaner supply chain. Moving back to just-in-time SCRM can significantly negatively impact businesses, especially with heightened regulatory pressure. Companies will need to find a balance between cutting costs and ensuring compliance.

Environmental, social, and governance (ESG) issues are expected to become a key focus in the context of supply chains in the coming year. This is particularly relevant in the wake of regulations that prohibit the use of goods made with forced labor, such as the UFLPA in the US and the proposed EU ban. As a result, ESG principles are likely to be emphasized within supply chains in various regions.

Additionally, the recent geopolitical disruption caused by the Russia-Ukraine conflict has highlighted the potential impact of such disruptions on global supply chains. With tensions rising between China and Taiwan, organizations should be paying attention to the potential for further geopolitical disruption in Southeast Asia in 2023 and considering how it might impact their supply chains and what alternative solutions might be necessary to mitigate risks.

Begin preparation today

Organizations shouldn’t wait for widespread disruption or a shutdown of company systems to strengthen its SCRM posture. It’s something that should be a top priority for all organizations, and something that should be actioned with haste. Beyond the benefits of having a clear, overarching view of an organization’s supply chain ecosystem, a robust SCRM program and framework can assist companies increase return on investment. By providing the flexibility to quickly act and respond when supply chain disruptions occur, or new regulations come into effect, organizations have the ability to better overcome disruption and continue business as usual.

Implementing robust supply chain mitigation strategies, including bridging and buffering, can help an organization prepare for what’s to come. Bridging means bridging the gap with suppliers to ensure communication is strong before, during, and after any type of crisis, including climate-related events. In addition to bridging, buffering means having inventory reserves to act as a buffer, or alternative supply sources should primary suppliers face disruption. Proactively implementing these mitigation strategies can help a business respond with agility in the face of disruption.

As supply chain disruptions become more complex, the technology used to detect and mitigate associated risks is also advancing. These developments, such as the ability to perform sub-tier illumination and modeling from a command center, can greatly enhance supply chain risk management. In the near future, increased predictability in supply chain disruptions will be a game-changer for SCRM.

SCRM: Evolving with the risks

The risk and compliance landscapes continue to evolve, and businesses must aim to remain one step ahead. But with robust SCRM practices, companies can weather the storms ahead and best position themselves to succeed in the face of evolving threats.

Knowledge is key. Knowing where you stand today, the risks and regulations on the horizon, and being armed with real-time visibility into your supply chains can ensure your organization can thrive for years to come.