Introducing Risk-Optimized Procurement

No company that relies on a network of suppliers can completely eliminate risk from their procurement and supply chain operations. Earthquakes happen; there’s a fire at a supplier facility; global trade and regulatory compliance laws change. From weather events to geopolitical wrangling, industrial action, natural disasters, price volatility, and more, potential disruptions, both big and small, are everywhere. 

Supply chain snarls are inevitable. They are also expensive. The average cost of a single supply chain disruption is $1.5 million every day. 

While you cannot eliminate risk, what you can do is balance cost, quality, and efficiency with risk. This is risk-optimized procurement.  

Risk-optimized procurement involves designing your sourcing strategies to anticipate and mitigate supplier and operational risks, while also maximizing supply chain efficiency and resilience.   

This may sound contradictory. Most supply chains are efficient, agile, or resilient, but rarely all three. However, with the right intelligence, delivered at the right time, you can make better-informed decisions, reducing vulnerabilities before they disrupt operations.  

Risk-optimized procurement goes beyond alerts that could impact your business. Instead, you need applied insights that contextualize a potential disruption.  

For example, knowing that high temperatures and drought can impact wheat production is not actionable. However, you can look for alternative suppliers of wheat if you have insight from applied meteorology and predictive modeling that forecasts crop yield and quality across various growing regions months in advance. 

Start with Who You Know 

The journey to full supply chain visibility can seem daunting. The key to getting started and seeing value quickly is to begin with the suppliers you know. Instead of trying to map your entire global network at once, focus on your direct, Tier-1 suppliers first. This approach allows you to build a foundational understanding of your immediate risk landscape in weeks, not years.

Where are your Risks? 

The first risk assessment step is to score your suppliers in terms of materials and locations vulnerability. Procurement teams use supply chain risk tools to evaluate suppliers based on multiple risk factors. 

These include: 

Natural disaster and climate risk: Is your supplier located in an area prone to earthquakes, flooding, hurricanes, tropical cyclones, drought, and other natural disasters? 

Social-political and geo-strategic risk: Is your supplier located in a region experiencing conflict, terrorism, or other forms of unrest?  

ESG, sustainability and regulatory compliance risk: Is there a risk of child or forced labor? Could your supplier put you at risk of violating laws, such as the Uyghur Forced Labor Prevention Act? Has a sub-tier supplier been bought by a sanctioned person or entity? 

Internal risk indicators: How reliable are your suppliers? Do they deliver on time and in full? How good is the quality of their products? 

Around 50 different categories are analyzed to determine a unified risk score in the Everstream Platform, with the ability to integrate data from proprietary and third-party sources including Dun & Bradstreet, Ecovadis, RapidRatings, and more. Think of this as a baseline risk score.  

It is not static. A company’s financial risk can change over time, or climate change could increase the risk of extreme weather. But it does not change day by day. 

What is your Risk Appetite? 

Not all risks carry the same weight. Here are some factors you should consider when assessing risk: 

• Scarcity/difficulty to source: The harder a material is to get, the more important it is to have visibility to those suppliers and identify those that are single source. 
• Criticality to business: Know the suppliers for the materials that can’t be substituted in your best-selling, most visible, or most profitable products. 
• Cost to source: Higher-priced materials are often prioritized because of their impact on the cost of goods sold and profitability. 
• Brand risk: Priority because of potential sustainability risk (child labor, forced labor) or high carbon emissions    

Risk Mitigation Framework 

The unified risk score helps you prioritize. Individual leaders or category managers may have different pain points they want to address. But because the unified risk score is objective, you can prioritize where you need to mitigate risk first.  

Consider where you will get the biggest gains by managing risk or the easiest wins. 

Once you understand where your procurement risks are, you can consider risk management strategies. This could include shifting spending across multiple vendors, collaborating with suppliers to mitigate risks or even offboarding suppliers that present an unacceptable level of risk. 

The actions you take will depend on how critical a supplier is to your business.   

Act Faster with Monitoring and Alerts 

Once you have a clear understanding where your risk lies, and what your risk appetite is, you can monitor your supply chain for the risks that are most important to you.  

Think of a supplier’s risk score as a strategic decision, whereas ongoing alerts are operational.  

Figure 1: Risks occur at every stage of the supply chain 

Go Deeper with Sub-Tier Discovery

Once you have established a baseline of risk with your Tier-1 suppliers, the next step is to expand your visibility. You can’t achieve true resilience without seeing beyond your direct partners, as most disruptions occur at the sub-tier level.

The traditional approach of supplier surveys is often slow and unreliable. Suppliers may be reluctant to share information.

This is where automated network mapping becomes critical. Using AI-powered tools, you can discover the hidden trading relationships deep within your supply chain. As you uncover these sub-tier suppliers, you can add them to your risk management program, using the same methodology, and reveal hidden points of failure.

Figure 2: Most organizations have low visibility into their supply chain networks 

This deeper analysis might uncover:

• A concentration of sub-tier suppliers in a region prone to flooding.
• A single, critical sub-tier supplier that provides components to several of your Tier-1 partners (a hidden dependency).
• Potential forced labor risks deep within your supply chain.

Let’s illustrate this with a real-world example. 

The multinational beverage company, Molson Coors CEE, was concerned about how the 2024 floods in Germany would impact their supplier network. Using sub-tier mapping, they found that five Tier-1 suppliers all sourced from the same sub-tier supplier.  

The company worked with its suppliers to discuss mitigation strategies. If this sub-tier supplier was affected by the floods, it could cause a production stoppage. However, by taking a proactive approach with Tier-1 suppliers, the company was able to ensure that sufficient stocks levels were in place.  

Furthermore, sharing this sub-tier visibility information resulted in stronger supplier relationships. Molson Coors CEE was able to request, and receive, an agreement that their supply lines would be prioritized over other customers. 

Think Bigger by Understanding the Financial Value of Risk-Optimized Procurement  

Supply chain resilience is often considered to be a cost. Most generally it is seen as nothing more than higher inventory carrying costs due to buffer stock. Sourcing new suppliers and onboarding them is also a time-consuming process. 

Furthermore, a risk-optimized procurement strategy requires supply chain risk management software that can score your suppliers, identify your risk and provide timely insights into disruptions or looming threats. 

As a result, the biggest question you need to answer is: what is the value of risk-optimized procurement? 

Sure, there are plenty of softer benefits, such as supply chain visibility, enhanced resilience, and improved supplier relationships. But procurement and supply chain professionals also need to be able to calculate the actual financial impact – and share these results with leadership. 

Here are some examples. 

An automotive company was alerted to a cyberattack that disrupted the aluminum industry. The company reacted immediately and purchased one day of buffer stock before the rest of the automotive industry knew about the attack. This saved them $1m on a single purchase of aluminum. 

The same automotive company also tracks supplier insolvency alerts. They are now able to react to these 48 hours earlier. This saves them, on average, over $100,000 per insolvency due to earlier stopped payments. 

Using sub-tier mapping, a food and beverage company identified that their supplier was importing duty-free grain from Ukraine. Armed with this insight, the category manager was able to renegotiate their contract, saving 5% of the total category spend. 

For supply chain managers and procurement professionals, understanding risks and acting proactively isn’t just smart business; it is a new way of thinking. Moving toward a risk-based procurement model requires a change of mindset. You are no longer firefighting when things go wrong, but future-focused on fire prevention.  

See it in Action 

If you would like to see how risk-optimized procurement could work for your company, contact Everstream Analytics for your personalized demo.