The Three Components Of An Effective Third Party Oversight Program
-
Upload
neo-group-inc -
Category
Data & Analytics
-
view
214 -
download
3
Transcript of The Three Components Of An Effective Third Party Oversight Program
THE 3 COMPONENTS OF AN EFFECTIVE THIRD PARTY OVERSIGHT PROGRAM
Christine Ferrusi Ross, Partner & SVP, Neo Group January 29, 2015
2 2
© 2015 Neo Group Inc. Proprietary
• Globalization Strategy • Location Strategy • Health Checks • Renegotiations • Governance
" Since 1999, we have been helping clients achieve business objectives and address business challenges by leveraging global services and sourcing.
" We have a singular focus on the global services supply chain.
" We achieve outcomes through deep IP, real-time analytics, globally recognized experts, proven methodologies and co-creation with our clients.
NEO GROUP OVERVIEW
We deliver results through three distinct and linked solutions and services:
ADVISORY SERVICES GOVERNANCE SOLUTIONS
• Design • Run and Support • Ongoing Resource, Contract
and Performance Management Services
SUPPLY MONITORING & ANALYTICS
• Data, Analytics & Guidance on Countries, Cities & Suppliers
• Real-Time Event Alerts • Subscription-Based Monitoring
3 3
© 2015 Neo Group Inc. Proprietary
TODAY’S PRESENTER
Christine Ferrusi Ross Christine is a senior vice president at Neo Group. She’s passionate about helping clients solve complex global risk, sourcing, and supplier issues to achieve better business results. Christine has helped some of the largest companies in the world operationalize their supplier risk efforts, and she’s a recognized expert in the space. She’s been quoted in the Wall Street Journal, on CNBC, and other national media regarding supplier risk, outsourcing, and globalization.
© 2015 Neo Group Inc. Proprietary
4 4 WHY FOCUS ON SUPPLIER RISK? " Expanding Global Sourcing Footprint = Increasing Risk
• Increasingly, regulators and boards seek evidence of supply risk monitoring.
" Higher Exposure, if your Firm • Operates in a Regulated industry such as Financial Services or Pharma.
o Fines to $100MM+ for service supply issues • Has a large or increasing globally sourced portfolio, whether in-house or with partner. • Globally sources critical functions from multiple countries, cities and locations.
" Impact on Operations Can Be Drastic • Low cost global sourcing locations face economic, political and social upheaval. • Providers may propose/adopt alternate strategies that can impact quality. • Attrition can skyrocket in a growing economy and strip you of your best resources.
" Monitoring Provides the Opportunity to Take Pro-Active Measures • Active governance often leads to pro-active actions. • Informs negotiations, re-negotiations and company owned location strategies. • Enables you to leverage emerging trends, tax and SEZ changes/situations, visa reforms, etc.
© 2015 Neo Group Inc. Proprietary
5 5 A QUICK VIEW: RISK MANAGEMENT PROCESS
What risks ma+er?
Assign responsibility for tracking and taking ac9on on the risks
Decide the risk indicators (with specifics like percentages, not
“declining”)
Create an ac9on plan for what to do for each
risk as it happens Track risk data
Take ac9on as pre-‐determined
Feedback loop, including process
changes and supplier/contract changes
© 2015 Neo Group Inc. Proprietary
6 6
Ø Define supplier-related risks
Ø Monitor your suppliers and their geographic locations
Ø Build an actionable risk management program
Ø Use third party oversight to take advantage of new business opportunities
AGENDA
© 2015 Neo Group Inc. Proprietary
7 7 BEFORE WE START: YOU HAVE LIMITED RESOURCES
Supplier risk management is like pulling a loose thread…
Throughout the presentation, think about two pieces: 1) the process and action steps 2) your key suppliers and locations
© 2015 Neo Group Inc. Proprietary
8 8
• What are you really worried about? – That the supplier can’t deliver what was promised
to you? – That the supplier does something (or doesn’t do
something) that causes you to be noncompliant with legal or regulatory requirements?
– That the supplier does something that reflects badly on you and harms your brand?
– That I won’t get a good deal in my next negotiation with my supplier
DEFINE SUPPLIER-RELATED RISKS
© 2015 Neo Group Inc. Proprietary
9 9 QUICK POLL
What is your primary reason to monitor and manage risks in your services supply chain?
© 2015 Neo Group Inc. Proprietary
10 10 POLL RESULTS
QUICKPOLL
What is your primary reason to monitor and manage risks in your services supply chain? Poll Results:
Ensure compliance 61%
Avoid service disruptions 28%
Protect my brand 21%
Inform contract renegotiations 0%
© 2015 Neo Group Inc. Proprietary
11 11
• Risks are chances that you could be harmed
• Trigger events are occurrences that cause a risk to happen
• Defining risks means going back to what you’re really worried about (the risk that your supplier suddenly can’t deliver on its commitments, for example)
• But to be effective, you need a definition of each risk type, what events could cause that risk to increase (or decrease)
DEFINING RISKS
© 2015 Neo Group Inc. Proprietary
12 12
Supplier Category Descrip2on and Tracked Metrics
Financial Risk Key investment, ra9os balance sheet, liquidity, profitability, and revenue/revenue diversity metrics
Services Risk Key talent pool size, quality cer9fica9ons (e.g., CMMI, ISO 9001), specialized cer9fica9ons, opera9ng model, services & ver9cal lines, and geographic metrics
Governance Risk Organiza9onal (strength of corporate governance, changes in organiza9onal structure, etc.), func9onal, and opera9onal levels
People Risk A+ri9on (overall a+ri9on for the quarter), new hires, produc9vity, u9liza9on, and employee development & training measures
Infrastructure Risk Security policies (physical security, informa9on security, data theX/fraud), measures of delivery center networks, opening of new delivery centers and risks associated with them, up9me policy/performance, and expansion plans
Clients Risk Client porZolio measures, including acquisi9on, reten9on/flight, concentra9on, and sa9sfac9on
Partner/Ecosystem/Alliances Risk
Key partners and addi9ons across enterprises, new alliances/partnerships during the relevant 9me period, ver9cal and horizontal solu9ons
Thought Leadership Innova9on, published papers, event and topic leadership, patent informa9on, and key CSR metrics
SAMPLE RISK CATEGORIES
© 2015 Neo Group Inc. Proprietary
13 13 SUPPLIER RISK REQUIRES LOCATION CONTEXT
" Expanding Global Sourcing Footprint = Increasing Risk • Increasingly, regulators and boards seek evidence of supply risk monitoring.
" Higher Exposure, if your Firm • Operates in a Regulated industry such as Financial Services or Pharma.
o Fines to $100MM+ for service supply issues
• Has a large or increasing globally sourced portfolio, whether in-house or with partner. • Globally sources critical functions from multiple countries, cities and locations.
" Impact on Operations Can Be Drastic • Low cost global sourcing locations face economic, political and social upheaval. • Providers may propose/adopt alternate strategies that can impact quality. • Attrition can skyrocket in a growing economy and strip you of your best resources.
" Monitoring Provides the Opportunity to Take Pro-Active Measures • Active governance often leads to pro-active actions. • Informs negotiations, re-negotiations and company owned location strategies. • Enables you to leverage emerging trends, tax and SEZ changes/situations, visa reforms, etc.
© 2015 Neo Group Inc. Proprietary
14 14 SAMPLE RISK CATEGORIES FOR GEOGRAPHIES Loca2on Category
Descrip2on and Tracked Metrics Macro-‐Economic Risk
Key macro-‐economic indicators, including infla9on, foreign direct investment, credit risk, currency risk, and market fluctua9ons
Financial Risk Key labor cost metrics for ITO, BPO, KPO; opera9onal costs, and taxa9on factors
Geo-‐Poli9cal Risk Poli9cal risk and stability, social and security risk (e.g. terrorism, prevalence of travel advisory/warnings, and natural disaster risks)
Infrastructure Risk Government support and incen9ves to source (including forward availability), power and u9li9es, transport and facili9es, technological readiness (adop9on of exis9ng technologies by an economy), and quality of connec9vity metrics
Business Risk Ease of business (permits, start up costs, etc.), regulatory and statutory requirements, business sophis9ca9on (quality of business networks and individual firm’s opera9ons), and trade and logis9cs
Legal Risk Legal and regulatory policies and acts, cyber crime, ITO and BPO industry trade union ac9vity, and key in-‐market labor and workday laws
Scalability Risk Size and growth characteris9cs for ITO and BPO, provider and process maturity, worker popula9on spreads, a+ri9on/hiring measures, and languages
Quality of Life Risk Expat quality of life measures and business support and ameni9es
© 2015 Neo Group Inc. Proprietary
15 15 A RISK MODEL HELPS PULL IT ALL TOGETHER
Supply WisdomSM Real-Time Risk Model RISK
RATING NEGLIGIBLE LOW MODERATE HIGH EXTREME
SUPPLIER RISKS
FINANCIAL CLIENTS PEOPLE ALLIANCES
SERVICE CAPABILITY GOVERNANCE INFRASTRUCTURE THOUGHT
LEADERSHIP
CITY RISKS
MACRO-ECONOMIC FINANCIAL BUSINESS INFRASTRUCTURE
GEO-POLITICAL LEGAL SCALABILITY QUALITY OF LIFE
COUNTRY RISKS
MACRO-ECONOMIC FINANCIAL BUSINESS INFRASTRUCTURE
GEO-POLITICAL LEGAL SCALABILITY QUALITY OF LIFE
2 4 6 8 10
© 2015 Neo Group Inc. Proprietary
16 16
• Yes, you need to update your definitions and trigger events regularly, but it’s not a real-time, constant activity
• But the real heavy lifting comes in continuously monitoring all potential trigger events
• To monitor data you can use software, you can hire internal analysts to find relevant data and make decisions on how important that event is to a risk, or ask consultants to do regular assessments, etc.
• Each new event gets incorporated into the risk tracking and if necessary, changes the supplier’s or location’s risk score
MONITOR CONTINUOUSLY
© 2015 Neo Group Inc. Proprietary
17 17 SAMPLE TRIGGER EVENTS
• Changes in Investor Holdings
• Changes in Board
• Changes in Senior Management • Financial Liquidity
• Revenue & Profitability Issues • Employee Attrition
• Client Losses / Attrition
• Legal Actions • Significant Awards
• Significant Partnerships • IP Filings
• Company-Specific Job Actions
• Credit Ratings / Downgrades
• Changes in Budget
• Stock Market Volatility • Tax Changes
• New Special Economic Zones • Cyber Legislation
• Visa Changes
• Power Imbalances • Geopolitical Events
• Labor Union Formation & Strikes • Key Policy Changes
• New Center formation
SUPPLIERS GEOGRAPHIES
© 2015 Neo Group Inc. Proprietary
18 18
• The natural reaction is to try to reduce risk to zero. That’s unrealistic
• Several standards, including ISO, include risk management
• The most common ways to address a risk include: – Avoid the risk completely (example: decide not to hire a supplier) – Reduce the risk (example: put better governance in place to avoid
operational risk) – Accept the risk (example: decide to renew a supplier contract) – Increase the risk (example: expand scope with a supplier to increase
value received)
ACTION PLAN: HOW TO ADDRESS RISKS
© 2015 Neo Group Inc. Proprietary
19 19
• With your assessment of risks and the trigger events, decide what you will do if you see a risk rising
• This means you need a clear set of “if/then” statements that you make beforehand so you don’t need to panic when something happens
• Tactical examples can include: – “If our supplier has two quarters of rising financial risk, we’ll ask for a specific
meeting to understand the supplier’s plans to ensure our engagement isn’t going to be at risk because of cost cuts, etc.”
– If our supplier begins to lose customers in our industry, we’ll call and ask about redeploying newly available resources to our account”
BUILD AN ACTIONABLE RISK PLAN
© 2015 Neo Group Inc. Proprietary
20 20
• What risks are you willing to accept?
• Supplier risk tolerance needs to match the company’s overall risk appetite
• Generally, risk tolerance decreases when scope, spend, and data access increase
• Risk tolerance can be intentionally raised by improving internal governance, transparency, and oversight
TREATMENTS DEPEND ON TOLERANCE
© 2015 Neo Group Inc. Proprietary
22 22
• Risk management isn’t just about insurance
• Having an action plan gives you power to move forward with confidence
• Clear risk management and action plans help you build confidence with internal and external constituents – no getting caught off guard by “surprise” supplier events
USE RISK MANAGEMENT TO GAIN ADVANTAGE
© 2015 Neo Group Inc. Proprietary
24 24 THANK YOU NEO GROUP GLOBAL HEADQUARTERS 6200 Stoneridge Mall Road, 3rd Floor Pleasanton, CA 94588, USA www.neogroup.com ASIA-PACIFIC HEADQUARTERS No. 36, 3rd Floor Prestige Garnet, Ulsoor Road Bangalore 560 042, India AMSTERDAM, NETHERLANDS AUSTIN, TEXAS BOGOTA, COLOMBIA LONDON, UK
NEW YORK, USA ATLANTA, USA SAO PAOLO, BRAZIL SILICON VALLEY, USA
SYDNEY, AUSTRALIA
CHRISTINE FERRUSI ROSS Partner & SVP [email protected] 781.405.9851 CASEY CHECHE Manager, Business Development [email protected] 775.354.5564 WILLIAM SELLERS Partner & SVP Supply Wisdom [email protected] 617.510.3800