Supplier Risk Management Program Kevin Devoy Head of Procurement
© British Gas
Who are we - Centrica We are an energy and services company. Everything we do is focused on satisfying the changing needs of our Customers
Five Critical Areas of Risk Risk Element
Description
Execution
Are we in danger of having to stop operations because we can’t get tools, supplies and necessary services on time. Do our suppliers meet all appropriate safety and environmental regulations and provide quality goods and services?
Commercial
Do our suppliers comply with all contractual terms? Do they bill us appropriately? Are we paying market rates/pricing.
Continuity
Are our suppliers financially stable? In the event of a natural disaster or other disruption, do we have multiple suppliers with geographic diversity who can keep our operations running?
Competitive
Do our suppliers present risk in terms of theft of intellectual property or conflict of interest ?
Compliance
Do our suppliers comply with critical regulatory guidelines such as the FCA, OFGEM, UK Bribery Act, labour laws, domestic government regulations, tax laws and more?
Identifying Risk
Financial Stability Performance Contract Management Effective Governance Compliance Other Indicators
4
Our Risk Agenda 2015 There will be an increased focus on managing supplier risk in 2015 and beyond.......why ? • Increasingly global supply chain • Economic conditions still impacting our suppliers • Consolidation in various markets will reduce choice, increase risk • Increased regulatory requirements, FCA, OFGEM One of Procurement’s USP’s is about identifying and mitigating risk in our supplier base and supply chains We want supplier risk management to be VALUE ADD ?
5
Risk Tools We currently use a number of tools to try and protect British Gas from supplier risk, both as a preaward diligence process and as part of ongoing supplier management. These tools are: CSR
• External service provider helps us evaluate environmental and social practices of companies • Brought in to the on boarding process at RFP stage and applied to existing Strategic suppliers
Financial Credit Check
• Financial ratings tool which rates a companies financial health in comparison with it’s peers within the sector.
Country Risk Analysis
• External service provider – access to country/location risk analysis
Financial Times Alerts
• Email alerts can be tailored to report on any headlines around shortlisted companies.
Anti Bribery/Corruption • Provides director and sanction check info on suppliers (ABC) Supplier Scorecard Google Alerts Contract Compliance Due Diligence Checklist Financial Protection clause
• Internally developed tool used to evaluate potential risk in a supplier • Email alerts can be tailored to report on any headlines around shortlisted companies. • Internally developed oversight tool to capture quarterly performance information for our material outsource suppliers • Comprehensive checklist developed in conjunction with Compliance to review the capabilities , process and controls of a nominated supplier • Developed to ensure we have early sight of a financial issue – Obligates the supplier to provide negative assurance report if we spot adverse information on financial health
6
Supplier Risk Framework
Managing Risk – Training
Supply Chain Review Model
Financial Evaluation Model
Supplier Risk Evaluation Model
External Data Systems
Contractual Templates
Supplier Risk Scorecard We have developed a risk scorecard of our critical suppliers, allowing us to analyse where our most significant risks lie and then identify what plans have been, or can be put in place to minimise that risk. The scorecard measures: •Flexibility of Supply • Health, Safety & Environment • Financial Cost of Failure • Brand & Reputation • Legal Vulnerability • Intellectual Capital • Regulatory • Customer Impact • Employee Impact
Results in an overall score between 1 & 25. 1 is low risk, 25 is high risk
Multiplied by ‘Likelihood of Failure’ (scored between 1 & 5)
Scored between 1 & 5 depending on failure impact
Summary Risk Map
Remote (1)
Unlikely (2)
Possible (3)
Likely (4)
Almost Certain (5)
Very High (5)
5
10
15
20
25
High (4)
4
8
12
16
20
Moderate (3)
3
6
9
12
15
Low (2)
2
4
6
8
10
Very Low (1)
1
2
3
4
5
1-3 Minor
4-5 Minor
6 - 10 Moderate
11 - 14 Significant
15 - 25 Major
Risk Ranking
The risk scorecard also collects information on what other risk mitigation plans are in place (e.g. BCP, contingency plans, exit plans etc…). 9
Frequency of Review
Non Financial Indicators •
Loss of key clients
•
Change in behaviour (overt cost cutting)
•
Delay by clients to renew contracts
•
•
Request for early payment
Key staff defections i.e. Board members down to key management
•
Market Intelligence
•
Monitor share price of key clients to • identify issues • Divesting of assets •
•
Credit rating
•
Non payment of Agents
•
Reducing Standards
•
Non payment of Suppliers etc
•
Key staff defections
•
Significant attrition movements
•
Non payment of suppliers in their Supply Chain
•
Senior stakeholder review
•
Parent Company (and if applicable VC behaviour)
•
Monitor acquisitions and take-overs
Broker Analysis Raising debt finance
11
Material Outsourcing
Contract Compliance We currently request quarterly contract compliance reports from a number of contract managers to monitor contract performance, compliance & risk mitigation from one central location (avoiding duplication). Suppliers are monitored because their performance could materially impact Centrica and/or it's customers. Current Report Proce sent
Contract Manager completes Excel update
out via email each quarter
High level Red, Amber, Green performance update
Activity
Data compiled on a team site so available to all parties
2014 RAG Status
Findings reported to risk & underperforming suppliers are challenged
2015 RAG Status
Service A
Amber
Amber
Amber
Green
Service A
Green
Green
Green
Green
Service A
Green
Requested Report
Green
Green
Service A
Green
Green
Green
Green
Service A Service A Service A Service A Service A
Requested Report Green Requested Report Green Green
Green Amber Requested Report Green Green
Green Green Green Green Requested Report
Green Green Green Green Green
Service A
Green
Requested Report
Requested Report
Green
Service A
Green
Green
Green
Red
Service A Service A
Amber Green
Green Green
Green Green
Green Requested Report
13
Contract Lifecycle Risk Management There are a number of actions we take as a Procurement function throughout the contract lifecycle which help to mitigate risk. • Contract Management Team in place – Procurement engagement • Procurement attendance at Governance meetings • Appropriate Compliance reviews • Ongoing supplier assessment at contract pinch points
• Initial qualification questions • Specialist British Gas diligence questionnaires (e.g. Info Sec) • Industry Benchmarking RFx
Supplier Short Listing & Award
Contract Live • Fit for purpose contract – legal & procurement cooperation • DOA contract sign off • Governance schedule built to suit risk requirement and build in correct senior engagement • SLA’s & KPI’s built in to contract
Contract Negotiations
14
• Financial suitability checks • Audit team feedback (e.g. Info Sec) • Response assessment • Gate Reviews • Procurement & Legal signoff process • Effective Due Diligence • Supplier ramp up plans • Supplier references
Strategic Sourcing Process – Risk Assessment
15
Success Criteria •Top risk suppliers have “viable” contingency plans and mobilisation plans agreed. •Risk “network” maintained and providing intel on high risk suppliers •Increased “skill set” within procurement and contract management group to analyse and “flag” high risk suppliers and to understand Regulatory/conduct implications
•Regular refresh training and comms as BAU •Established cross group project •Keep Upper Quartile from benchmark perspective
Thank You
