Supplier Risk Management Program - GSA-UK

Risk Element Description Execution Are we in danger of having to stop operations because we cant get tools, supplies and necessary services on time...

23 downloads 463 Views 1MB Size
Supplier Risk Management Program Kevin Devoy Head of Procurement

© British Gas

Who are we - Centrica We are an energy and services company. Everything we do is focused on satisfying the changing needs of our Customers

Five Critical Areas of Risk Risk Element

Description

Execution

Are we in danger of having to stop operations because we can’t get tools, supplies and necessary services on time. Do our suppliers meet all appropriate safety and environmental regulations and provide quality goods and services?

Commercial

Do our suppliers comply with all contractual terms? Do they bill us appropriately? Are we paying market rates/pricing.

Continuity

Are our suppliers financially stable? In the event of a natural disaster or other disruption, do we have multiple suppliers with geographic diversity who can keep our operations running?

Competitive

Do our suppliers present risk in terms of theft of intellectual property or conflict of interest ?

Compliance

Do our suppliers comply with critical regulatory guidelines such as the FCA, OFGEM, UK Bribery Act, labour laws, domestic government regulations, tax laws and more?

Identifying Risk

Financial Stability Performance Contract Management Effective Governance Compliance Other Indicators

4

Our Risk Agenda 2015 There will be an increased focus on managing supplier risk in 2015 and beyond.......why ? • Increasingly global supply chain • Economic conditions still impacting our suppliers • Consolidation in various markets will reduce choice, increase risk • Increased regulatory requirements, FCA, OFGEM One of Procurement’s USP’s is about identifying and mitigating risk in our supplier base and supply chains We want supplier risk management to be VALUE ADD ?

5

Risk Tools We currently use a number of tools to try and protect British Gas from supplier risk, both as a preaward diligence process and as part of ongoing supplier management. These tools are: CSR

• External service provider helps us evaluate environmental and social practices of companies • Brought in to the on boarding process at RFP stage and applied to existing Strategic suppliers

Financial Credit Check

• Financial ratings tool which rates a companies financial health in comparison with it’s peers within the sector.

Country Risk Analysis

• External service provider – access to country/location risk analysis

Financial Times Alerts

• Email alerts can be tailored to report on any headlines around shortlisted companies.

Anti Bribery/Corruption • Provides director and sanction check info on suppliers (ABC) Supplier Scorecard Google Alerts Contract Compliance Due Diligence Checklist Financial Protection clause

• Internally developed tool used to evaluate potential risk in a supplier • Email alerts can be tailored to report on any headlines around shortlisted companies. • Internally developed oversight tool to capture quarterly performance information for our material outsource suppliers • Comprehensive checklist developed in conjunction with Compliance to review the capabilities , process and controls of a nominated supplier • Developed to ensure we have early sight of a financial issue – Obligates the supplier to provide negative assurance report if we spot adverse information on financial health

6

Supplier Risk Framework

Managing Risk – Training

Supply Chain Review Model

Financial Evaluation Model

Supplier Risk Evaluation Model

External Data Systems

Contractual Templates

Supplier Risk Scorecard We have developed a risk scorecard of our critical suppliers, allowing us to analyse where our most significant risks lie and then identify what plans have been, or can be put in place to minimise that risk. The scorecard measures: •Flexibility of Supply • Health, Safety & Environment • Financial Cost of Failure • Brand & Reputation • Legal Vulnerability • Intellectual Capital • Regulatory • Customer Impact • Employee Impact

Results in an overall score between 1 & 25. 1 is low risk, 25 is high risk

Multiplied by ‘Likelihood of Failure’ (scored between 1 & 5)

Scored between 1 & 5 depending on failure impact

Summary Risk Map

Remote (1)

Unlikely (2)

Possible (3)

Likely (4)

Almost Certain (5)

Very High (5)

5

10

15

20

25

High (4)

4

8

12

16

20

Moderate (3)

3

6

9

12

15

Low (2)

2

4

6

8

10

Very Low (1)

1

2

3

4

5

1-3 Minor

4-5 Minor

6 - 10 Moderate

11 - 14 Significant

15 - 25 Major

Risk Ranking

The risk scorecard also collects information on what other risk mitigation plans are in place (e.g. BCP, contingency plans, exit plans etc…). 9

Frequency of Review

Non Financial Indicators •

Loss of key clients



Change in behaviour (overt cost cutting)



Delay by clients to renew contracts





Request for early payment

Key staff defections i.e. Board members down to key management



Market Intelligence



Monitor share price of key clients to • identify issues • Divesting of assets •



Credit rating



Non payment of Agents



Reducing Standards



Non payment of Suppliers etc



Key staff defections



Significant attrition movements



Non payment of suppliers in their Supply Chain



Senior stakeholder review



Parent Company (and if applicable VC behaviour)



Monitor acquisitions and take-overs

Broker Analysis Raising debt finance

11

Material Outsourcing

Contract Compliance We currently request quarterly contract compliance reports from a number of contract managers to monitor contract performance, compliance & risk mitigation from one central location (avoiding duplication). Suppliers are monitored because their performance could materially impact Centrica and/or it's customers. Current Report Proce sent

Contract Manager completes Excel update

out via email each quarter

High level Red, Amber, Green performance update

Activity

Data compiled on a team site so available to all parties

2014 RAG Status

Findings reported to risk & underperforming suppliers are challenged

2015 RAG Status

Service A

Amber

Amber

Amber

Green

Service A

Green

Green

Green

Green

Service A

Green

Requested Report

Green

Green

Service A

Green

Green

Green

Green

Service A Service A Service A Service A Service A

Requested Report Green Requested Report Green Green

Green Amber Requested Report Green Green

Green Green Green Green Requested Report

Green Green Green Green Green

Service A

Green

Requested Report

Requested Report

Green

Service A

Green

Green

Green

Red

Service A Service A

Amber Green

Green Green

Green Green

Green Requested Report

13

Contract Lifecycle Risk Management There are a number of actions we take as a Procurement function throughout the contract lifecycle which help to mitigate risk. • Contract Management Team in place – Procurement engagement • Procurement attendance at Governance meetings • Appropriate Compliance reviews • Ongoing supplier assessment at contract pinch points

• Initial qualification questions • Specialist British Gas diligence questionnaires (e.g. Info Sec) • Industry Benchmarking RFx

Supplier Short Listing & Award

Contract Live • Fit for purpose contract – legal & procurement cooperation • DOA contract sign off • Governance schedule built to suit risk requirement and build in correct senior engagement • SLA’s & KPI’s built in to contract

Contract Negotiations

14

• Financial suitability checks • Audit team feedback (e.g. Info Sec) • Response assessment • Gate Reviews • Procurement & Legal signoff process • Effective Due Diligence • Supplier ramp up plans • Supplier references

Strategic Sourcing Process – Risk Assessment

15

Success Criteria •Top risk suppliers have “viable” contingency plans and mobilisation plans agreed. •Risk “network” maintained and providing intel on high risk suppliers •Increased “skill set” within procurement and contract management group to analyse and “flag” high risk suppliers and to understand Regulatory/conduct implications

•Regular refresh training and comms as BAU •Established cross group project •Keep Upper Quartile from benchmark perspective

Thank You