Thursday, September 8, 2011

Applying The Right Level Of Risk Management

You can’t expect the same level of risk mitigation in a $1 million deal as $100 million. For internally managed risks you probably couldn’t afford it and for transfer of the risk to Suppliers, they simply may not be willing to accept it. A Supplier’s agreement to accept risk is usually tied to the “rewards” they will see and the bigger the reward, the greater the risk they may be willing to accept. To me risk management is something that needs to be managed with every purchase.You need ask yourself a number of simple questions about the risks involved to decide what may be appropriate; whether a contract is needed or Purchase Order may be used; and what should be included to transfer or manage those risks. Here are a number of questions that you might ask:

1. Is the nature of the purchase one time or is it repetitive? Many times a one-time purchase many not need an agreement as long as the nature of the purchase and the failure to perform are not high risk.

2. Is the nature of the purchase high risk? Could there be significant personal injury or property damage caused such as with chemicals, gasses, certain types of construction and things that are high risk on their own such as control systems for things like nuclear plants, aircraft controls, etc.? If there is you should probably have a contract.

3. Would the failure to perform be considered high risk? A high-risk activity would normally be one where the failure to perform would cause substantial cost or damages to the Buyer’s company. Another situation I would consider high risk would where the failure to perform would impact a senior executive in Buyer’s company and the risk is not so much about the impact to the company as it is the impact to the Buyer’s job and career.

4. If it’s repetitive, are you single sourced? Alternative sources reduce the risk, but don’t eliminate it. Frequently there can be a significant period of time for the alternative to respond. Alternative sources for purchases of products with long lead times will only provide long-term support but probably won’t provide any short-term protection.
5. If it’s single sourced:
Are there alternatives that may be instituted at low cost? The greater the cost to change suppliers the less likely you will be to implement an alternative strategy.
Can an alternative be implemented quickly? For an alternative to have real value in mitigating the risk, you would need to be able to quickly get performance from the alternative Supplier to mitigate the impact of the other Supplier failing. For example if using another supplier would require a complete re-design of your product, that at best provides long-term protection against the risk.

6. Is there a significant impact if the price changes? Being able to have multiple qualified suppliers frequently requires splitting the business that can have a cost impact. If a product is marginally profitable, incurring that additional cost could impact that. Protection of the continuity of supply shouldn’t come at the cost of losing money on the product.

7. What impact would there be if the supplier failed to perform? This is probably the most important question in managing the risk. If the impact is small and more of an inconvenience, you need less protection and control than if there would be a major financial impact from the failure.

8. Is the purchase for internal use or as part of a sale to a customer? Where a purchase will be used also impacts the risk. If it will be part of a sale to a customer, in addition to any damages the Buyer would sustain from failing to meet their sales obligation, you also incur customer satisfaction issues that can damage the customer’s willingness to make future purchases from the Buyer. If the purchase is for internal use, the impact of the failure to perform will vary based upon where and how it will be used. For example, if it was a spare part for a piece of manufacturing equipment that was down it could impact production and revenue. If it was a service being purchased that didn’t have a revenue or major cost impact, it’s less of a risk.

9. Is the risk of non-performance significant? This is where you need to take a hard look at the Supplier you selected to determine what the likelihood of a problem is based on their past history of performance with you or the marketplace. The shakier the Supplier is for things that can impact performance like financial stability the more you need protections you need if they were not able to perform. That risk goes up dramatically if you are dependent on them such as being sole sourced with them or their technology.

10. Is the risk of litigation significant? There are two main types of litigation to be concerned about. One is a claim for intellectual property infringement. The other is a claim for personal injury or property damage. If the product that you are buying is a commodity that has frequent claims or there are any questions as to the source of the IP used, you need to protect against that risk. For personal injury you need to ask whether either the nature of the product or service is inherently dangerous where there are frequent personal injury claims.

11. If the purchase is for resale to a customer, did you select the supplier? Was the supplier or product specified by the customer? The reason why you would ask this is if the customer specified it, you should work with sales for what I would consider to be a form of “flow back” provision where you are only liable to the customer to the extent you can recover from the Supplier they specified. That way you aren’t assuming risk that you haven’t been able to cover with their specified supplier.

12. Are there specific customer flow-down requirements that must be met? If you are unable to effectively cover risks that apply to a customer flow down requirement with a Supplier, you should work with sales to either treat the specific supplier as an exception or the pricing given to the customer would need to include contingencies to cover the risk.

13. Is a specific license or grant required from the Supplier in connection with the Purchase? Any time there is a license or grant required, that will need to be addressed in the agreement. The only exception to this would be if you were purchasing break the seal software where the break the seal license will work.

14. What if the supplier didn’t ship the items, the items didn’t work, or there are quality problems with the product or service For all of these consider the revenue/potential financial impact of the problem and whether it’s a one time impact or there will be on-going impacts. The more you could have on-going impact the more you need a contract to drive the supplier’s behavior and recover some of the cost there performance problems created. You also need tools included in the contract to help manage and mitigate the potential risk.

15. Have you done business with this Supplier without a contract? As they say in ads for financial investments, past performance is not an indicator of the future. Before you decide to operate without a contract its important to think about whether there have been any significant changes to the Supplier that could impact performance such as changes to their management team, negative changes to their financial results, changes in ownership or location where the work will be done.

16. Have you had any problems? Have they responded quickly and reasonably when there have been problems? Before relying upon past performance you need to look for changes that could impact their responsiveness. If you’ve had problems and they have not responded as your would like, your award of any business to them should be conditioned on changing that with inclusion of terms that will help drive the desired behavior.

17. If you were able to contractually transfer the risk, do they have the assets or resources to stand behind the commitments? Contract commitments are only as good as the assets and resources of the company that is making the commitments. If they don’t have that, you need to have the tools you need to manage the risk and place less reliance on any financial recovery that may not be forthcoming.

18. Would you be better off having no agreement rather than accept the terms as proposed? If getting an agreement would require that you agree to severely limit your potential for recovery through a limitation on the types of damages that may be claimed or a limitation on the total amount of any recovery, if may be better to not have that agreement and work off purchase orders where the parties responsibilities will come down to the battle of the forms between the terms on Buyer’s purchase order and Supplier’s acceptance or confirmation.

19, Are they risks the Supplier can manage? The simple fact is that if there is a risk that a Supplier can’t manage, all that will do is drive the supplier to include a worse case contingency in their pricing to help manage the risk to them. If the risk never materializes, you paid the cost and they made the additional profit. It may be better for the Buyer to assume the risk and avoid paying the premium where if the risk materializes the savings would pay for the cost and if it doesn’t you save that amount.

20. Are there other steps you can take to help manage the risk? If something is really a risk you should have some form of contingency plan to help manage it that could include things like second sourcing, or inventory stocking.

21. If you were to assume some or all of the risk, are there controls or tools you need in the agreement to help manage the risk. Most standard templates are written under the assumption that the purchases are average risk and the supplier you are buying from is average risk. If you dealing with any higher risk purchases or suppliers you need a contract that has additional controls and tools to help manage the risks.

22. If the item being purchased is for sale to a customer, what are the real risks? The real risks are based not on the purchase terms but on the terms that you sell to the customer under. In most companies there is a significant difference in the terms they want to purchase under versus the terms that they sell under. The real risk to the company is not based on the purchase terms, its based on the sales terms.

23. Where Suppliers are unwilling to accept the contractual transfer of certain risks, and you must still use that Supplier you need your contract to include more controls to help you manage the risks you have assumed. Suppliers like to have significant freedom with respect to their actions and operations. That freedom can create increased risks for the Buyer. If they want freedom they need to accept the risks of their actions. If they are unwilling to accept the risks, you cannot give them the freedom and you need the controls to help you manage the risks.

24. If there is a problem, to what extent would a Contract provide you with greater recovery or protection than just a Purchase Order with a signed acknowledgement or confirmation? Contracts may not always provide more protections, especially if their terms include limitations on the types of damages that may be claim or limitations on the amount of recovery.

25. For international purchases you should always be concerned with the locations where operations will be performed. How stable is the country politically or economically? Instability of countries may impact the Suppliers ability to perform and stability of currency will have an impact on their cost structure.

26. How a company manages their labor, the programs they have for the health, and safety of their employees or how they manage their business from an environmental perspective may not create a performance risk. However they
do represent a potential political or image risk to the buyer. Companies spend millions of dollars managing their image and brands and don’t want those negatively impacted by the suppliers they use.