How to Transform Ineffective Supplier Risk Management

It's become increasingly clear in recent years that even the smallest of disruptions can bring entire supply chains to a halt.
One of the biggest problems facing procurement organisations today is supplier risk management. According to research from The Smart Cube, more than half (53%) of companies don’t have a clear mandate for how to deal with the problems associated with poor risk management.
Therefore, there is a clear need to build effective, intelligence-driven supplier risk management strategies.
Here, Sayan Debroy, Head of Supplier Risk Intelligence at WNS Procurement, powered by The Smart Cube, outlines his strategies for effective supplier risk management.
What are the most pressing challenges companies face when it comes to supplier risk management?
One of the most pressing challenges is that many companies monitor only a select set of risk aspects, which means they may overlook many types of risks in the broader environment. By not taking a more holistic view of their suppliers' overall risk profiles – incorporating performance, cybersecurity, and ESG – many companies leave themselves exposed to unpredictable disruptions and reputational risks.
Beyond macroeconomic challenges faced by suppliers, like exposure to tariffs and sanctions or geopolitical risks, some of the possible disruptions include cybersecurity threats, data privacy issues, and a lack of compliance. Due to an over reliance on point-in-time checks, many companies evaluate suppliers based on redundant data, meaning they don’t get an accurate and up-to-date picture of risks as they evolve over time.
Relying on this approach often leads to companies missing threats. In fact, our recent supplier risk management survey showed that nearly half (47%) of respondents were only able to detect risks as they occurred or with minimal heads up.
Do you find companies lack a clear strategy for managing supplier risk?
In our 2024 survey, a third of companies said they lacked a clear supplier risk management strategy. This trend of ineffective and outdated supplier risk management can be attributed to how quickly the world has changed in recent years. We have been in a period of polycrisis – including extreme weather events and several geopolitical conflicts. These disruptions have made it difficult for many companies to keep up. Therefore, traditional methods of managing supplier risk, such as credit checks and basic research, are simply no longer sufficient.
In this climate, it's critical to update approaches to identifying and managing risks, as many companies have now seen first-hand just how vulnerable their supply chains are, with a single disruption bringing their entire operations to a stop.
Organisations must build in buffers and contingencies at every stage, from diversifying supplier portfolios to using Gen AI to model potential disruption scenarios. Without a fool-proof strategy for managing these risks, businesses expose themselves to severe operational and financial risks, rendering them unable to respond to unexpected disruptions promptly.
Addressing this disconnect is essential for building long-term resilience in supply chains and safeguarding business continuity.
What first steps should companies take in building a more robust supplier risk management strategy?
Firstly, organisations need to implement effective risk listening practices by actively monitoring a broad range of risks. These must include financial, operational, cybersecurity and ESG risks.
Once risks are identified, it's important to assess them holistically. Bringing together diverse risk signals and performance data allows procurement teams to understand a supplier's risk profile more thoroughly. This overview enables more informed, balanced decision-making.
To respond appropriately, internal teams also need access to specialists and on-demand, actionable intelligence. For example, if a critical supplier is expected to experience a significant issue, teams must have intelligence on potential impacts, alternative suppliers and pricing fluctuations.
Finally, organisations should establish a well-defined framework to ensure collaborative, timely action.
What role do data and intelligence play in effective supplier risk management?
Data is the backbone of effective supplier risk management as it gives companies a comprehensive view of intelligence across systems, enabling them to respond to risks from every angle. This necessitates establishing a platform where data from various vendors and internal teams can be assembled, exchanged, and analysed on an ongoing basis.
With this approach, teams can enhance visibility into key areas like supply and demand dynamics, supply chain dependencies and early warning risk signals, helping them proactively manage potential disruptions.
With data being so integral to making informed decisions, procurement teams should always aim to collaborate with knowledge partners or leverage technology to maximise the value of their data.
What's the future of supplier risk management?
Previously, risk management was a function predominantly viewed as a checklist exercise or compliance process. Now, there is a much stronger connection between third-party risk awareness and business resilience, where procurement teams that approach risk proactively can help unlock value. In fact, over time, businesses will increasingly see risk management as being a ‘value centre’ rather than a ‘cost centre’ and will invest more heavily in risk intelligence to build resilience.
Leveraging technology is crucial when it comes to generating actionable insights from the abundance of data that procurement companies already have. Risk monitoring is already highly automated – human experts can’t monitor ongoing risks at the scale AI can. However, Gen AI has the potential to take this automation a step further.
Looking ahead, risk managers will increasingly adopt this technology and there will be an overhaul of the risk management process, for the better. Gen AI’s ability in this sector can enhance and streamline a variety of tasks, freeing up people to concentrate on actions that require human intelligence (HI).
Some key examples include much more enhanced and automated risk monitoring, giving managers real-time updates so they can respond immediately. Complex scenario analysis is a lengthy process but, by automating it, risk managers can compare and contrast risk scenarios proactively.
And finally, general task automation can truly transform the risk management process. With intelligent Gen AI models able to streamline low-level tasks, human intelligence can be applied to more valuable negotiations.
Explore the latest edition of Supply Chain Digital and be part of the conversation at our global conference series, Procurement & Supply Chain LIVE.
Discover all our upcoming events and secure your tickets today.
Supply Chain Digital is a BizClik brand.
- Gartner: Five Pathways for CSCOs Amid Tariff UncertaintySupply Chain Risk Management
- PSC LIVE Singapore: An Interview with Former 3M ExecutiveDigital Supply Chain
- PSC LIVE Singapore Welcomes Holly Miller to its Line-UpSupply Chain Risk Management
- TotalEnergies: Supplying Renewable Energy for ManufacturingSustainability