5 Risks to Consider During Supplier Selection

By: Stefan Gergely - 29 October 2024

Key Takeaways:

  • Mitigating financial risks goes beyond reviewing a supplier’s financial statements.
  • Organizations lack quality ESG data on suppliers, but fresh insights from supplier sourcing tools can help counter risks.
  • Including suppliers in cybersecurity strategies fills the gaps that lead to data breaches.

Making the right choices about which suppliers you’ll work with has a substantial impact on your bottom line, driving the organization’s overall growth and profitability.

However, supplier selection comes with risks, and not considering them on time is bound to create the opposite, draining effect.

In this deep dive, we’ll cover 5 risks every procurement professional should consider during supplier selection, and explore practical ways for your organization to keep them at bay.

Ready to bring supplier selection to the next, more risk-aware level?

Let’s jump right in!

Financial Risk

Assessing suppliers’ financial health should be one of the top priorities for any organization.

After all, it’s the basis for securing business continuity and building long-term, successful supplier relationships.

It’s no wonder, then, that failure to do so can have grave consequences.

Namely, a supplier’s financial instability increases the chances of disruptions that can ultimately affect deliveries or service quality, resulting in delays or increased costs for your organization.

The nature and scope of this negative impact depend on the financial risks in question, which can be grouped into four main categories.

  • Credit or default risks: Relate to the supplier’s debts or the credit it offers to customers
  • Liquidity risks: Originate from poor cash flow and inability to cover immediate expenses
  • Operational risks: Emerge from lawsuits, fines, or any challenges related to the company’s business model as such
  • Market risks: Impact the broader industry in which the company operates

If you’re wondering how these risks extend to you, the answer is simple: distraction.

If the supplier is occupied with their own financial strains, obligations to your organization and overall service quality come second.

Moreover, if the problems persist, they can gradually lead to bankruptcy that your supply chain likely isn’t prepared to handle.

This is one of the reasons why over a third of compliance leaders continuously review the third party’s financial condition.

However, a comprehensive supplier selection process can help you cut down issues at the root.

Conducting an initial background check is your starting point for mapping potential financial woes.

Once you have vendor data from credit checks, public filings, as well as references, you can factor in broader implications of mergers and acquisitions or leadership changes.

Source: Veridion

Next, it’s critical to centralize your findings and produce standardized risk ratings.

That way, you can compare and contrast each prospect before digging deeper into the supply chain using third-party risk management (TPRM) solutions.

Still, getting a sense of the prospect’s operations and long-term vision rests on both research and open dialogue.

Looking at the supplier’s financial health and future viability up close can help seal the deal, advises David Hernandez, a business owner specializing in import and wholesale.

Illustration: Veridion / Quote: LinkedIn

Ultimately, mapping financial risks is an essential step in every supplier selection process, helping you save a lot of trouble down the road.

ESG Risk

Awareness of ESG risks protects your organization’s operations and reputation while promoting sustainable business practices.

A 2022 report commissioned by Dun & Bradstreet shows that failure to meet the environmental, social responsibility, and corporate governance (ESG) goals carries huge risks.

Illustration: Veridion / Data: D&B

Out of 268 decision-makers, 43% reported increased operational risk, 38% cited financial risk, and nearly a third noted reputational damage.

But working with suppliers with poor ESG practices can negatively affect your organization in myriad ways, too.

Those operating in already scrutinized industries, such as fast fashion, are particularly vulnerable to public falls from grace and huge financial losses.

One notable example is the British online retailer Boohoo.

After it came to light that a Leicester-based supplier paid workers less than the minimum wage, Boohoo suffered a 23% slump in shares, which resulted in a £1.1 billion market loss.

Further investigative work revealed many supply chain failings and inadequate monitoring.

While it’s difficult to tell how much Boohoo knew about these issues given the circumstances and its overall track record, it makes sense that access to ESG data usually plays a part.

In fact, the top challenges of meeting ESG goals are all data-related: from poor quality to lack of access to ESG data on privately held companies.

Illustration: Veridion / Data: D&B

Given this, it can be challenging to execute recommended strategies, such as profiling vendors and conducting initial and ongoing due diligence.

Fortunately, this is where AI-powered supplier sourcing providers like Veridion come in.

Veridion’s data-centric approach and AI-driven supplier discovery give organizations an X-ray vision of the procurement landscape and its weekly changes, empowering them to zoom in on specific criteria like ESG.

Source: Veridion

With product-level insights into over 120 million businesses across 241 countries, you can quickly scour Veridion’s data universe and avoid ESG risks by pinpointing the right suppliers.

One thing’s certain: Sustainable procurement is here to stay, and holding suppliers up to ESG standards is more important than ever.

And with the right supplier discovery solution, you’re one step closer to transforming risk mitigation into future growth.

Quality Risk

Quality risk is reflected in the possibility of receiving substandard products or services from a supplier.

Since ensuring product and service quality is essential for maintaining customer satisfaction, mitigating quality risks is among the top procurement risk management priorities.

This is also why several studies recognize quality as a core criterion for choosing suppliers.

Illustration: Veridion / Data: Emerald Insight

While a supplier’s poor pricing and unreliable delivery also influence end customers, a drop in quality is felt quicker and more directly, eroding the company’s reputation.

Let’s take a closer look at the case of Target’s Egyptian Cotton Sheets.

In 2016, Target severed ties with major home textile supplier Welspun after learning that its cotton sheets had been falsely labeled and produced using cheaper cotton for nearly 2 years.

Welspun suffered a major blow, seeing as 10% of its business at the time came from Target.

However, Target’s supply chain was left shaky, and its brand reputation also took a hit, given the company’s positioning as the go-to retailer for quality, yet affordable products.

The two companies would eventually patch things up, but this incident showed the necessity of better quality control mechanisms from the earliest phases of the relationship.

To avoid finding yourself in a similar situation, setting clear expectations and conducting initial supplier audits are vital.

David Moir, Technical Manager for manufacturing services provider Star Rapid, advises digging deep to confirm whether standard operating procedures are followed.

Illustration: Veridion / Quote: LinkedIn

Enhanced quality assurance is one of the main benefits of supplier performance management, and it rests on establishing various mechanisms—from conducting regular and ad-hoc inspections to external quality audits.

The importance of comprehensive and ongoing performance monitoring is reflected in the positive risk management outcomes outlined in Gartner’s TPRM report.

Illustration: Veridion / Data: Gartner

On the flip side, failure to identify and remediate risks on time can create delays and returns, and even endanger lives.

Earlier this year, Boeing found itself under fire after a door on one of its aircraft blew off mid-flight, putting 177 passengers at great risk.

Although much of the scrutiny was aimed at its key supplier Spirit AeroSystems, the incident exposed inadequate mechanisms and gaps on Boeing’s part.

This led to nearly 200 grounded aircraft, hefty financial compensation, leadership change, and a plummeting reputation, all of which could have been avoided through better quality control practices.

To sum up, managing quality risks starts with thorough supplier evaluation, but continuous, robust monitoring mechanisms are just as important.

Cybersecurity Risk

Working with numerous vendors and third parties using different systems and technologies leaves organizations exposed to significant cybersecurity risks.

Nowadays, it’s no longer enough to protect your own systems from data breaches, malware, phishing, and other malicious activities.

If a supplier’s system has gaps, these can be exploited by attackers, exposing you to financial loss, disruption, or reputational damage.

As a matter of fact, research by Cyber GRX revealed that over 60% of surveyed business professionals experienced at least one cyber incident in their company linked to a third party.

Illustration: Veridion / Data: Cyber GRX

A breach that compromises sensitive business data and your systems is already a serious problem on its own.

But when it affects customers, the fallout can be devastating.

Earlier this year, Fidelity Investments Life Insurance Company (FILI) had to notify nearly 30,000 individuals that their personal information had been compromised due to a third-party data breach.

The same third-party service provider, Infosys McCamish, had been a part of another major data breach incident, affecting over 57,000 Bank of America customers.

The investigation is ongoing, but at this point, it’s clear that the third party’s system served as a launching pad for attackers to gain access to customers’ social security numbers, dates of birth, and more.

Another common tactic for stealing sensitive data is phishing, a form of impersonation that is increasingly difficult to detect due to AI and deepfake advancements.

A majority of the 250 senior decision-makers surveyed by Teleport cited AI impersonation as a significant cybersecurity risk, which raises the question of how organizations can defend against emerging threats.

According to David Atkinson, the CEO of cybersecurity solution SenseOn, many companies make the mistake of rushing to implement new tools, rather than consolidating strategies and communicating with their suppliers.

Illustration: Veridion / Quote: IT Security Guru

The question is, how can companies revise and improve their cybersecurity strategies to also address third-party management?

For example, you can lay down specific security practices like multi-factor authentication (MFA) that all selected vendors must adopt to minimize the risk of fraud.

Another way to significantly bolster your ability to counter cyber threats is to request compliance with cybersecurity standards, such as those published by NIST (National Institute of Standards and Technology).

Source: Veridion

Organizations can also incorporate a risk-based approach, categorizing vendors by the sensitivity of the data they have access to and their overall proximity to your key systems.

That way, you can prioritize vendors that require a more comprehensive assessment of cybersecurity protocols and systems related to:

  • Data handling
  • Encryption practices
  • Incident response plans
  • Employee access control

Remember: even when you’re satisfied with the cybersecurity measures your suppliers adopted, keep your eyes peeled for any emerging risks.

Geopolitical Risk

Managing geopolitical risk helps organizations shake off unexpected disruptions and ensure supply chain continuity.

However, anticipating and planning for trade policy changes or general political instabilities is a daunting task.

For instance, the current geopolitical situation in the Middle East is one cause for concern.

The Economics Observatory examined how a wider conflict in this region could impact the global economy, and the forecasts aren’t optimistic.

Source: Economics Observatory

Therefore, one thing that organizations can and should do is rethink their procurement and supplier sourcing approaches as a whole.

According to a Gartner report, 40% of supply chains were impacted by recent geopolitical risks, negatively impacting the performance of a significant number of companies.

Illustration: Veridion / Data: Gartner

But regardless of this, 45% of the respondents managed to meet their performance expectations, and 15% even exceeded them amidst major geopolitical events.

This begs the question, what did these companies do differently?

In general, organizations that can successfully navigate sudden changes on a global level invest time and effort into building resilience and maintaining agility.

One common risk management strategy for achieving this is supplier diversification, which ensures that critical products or services are spread across several suppliers and multiple regions.

Staying informed about geopolitical developments in supplier regions and adjusting the approach at the first sign of trouble is equally important.

Yet, a recent survey of over 1,300 professionals worldwide revealed that 27% use the same approach for all vendors. In the ongoing era of volatility, this simply won’t do.

According to Gartner’s VP Analyst of Supply Chain Strategy, Pierfrancesco Manenti, organizations need to be more proactive and adopt “geopolitically elastic” supply chains.

Illustration: Veridion / Quote: Gartner

The gist of this approach lies in:

  • understanding and redefining operating boundaries,
  • working outside the established geopolitical trust boundaries, and
  • seizing opportunities in the face of mounting risks.

Moreover, Manenti explains that AI and advanced analytics will play increasingly important roles in effective planning, enabling businesses to analyze data from suppliers, governments, and the media.

In conclusion, maintaining flexibility and staying one step ahead of geopolitical uncertainties is the only way organizations can ensure they continue meeting expectations.

Conclusion

Supplier selection is a complex process, and the necessity of addressing various risks makes it more challenging still.

Yet, the initial effort and planning are essential ingredients that will enable you to avoid disruptions, financial setbacks, and reputational damage.

Proactive risk management mechanisms pave the way for strong supplier relationships that can help you weather any geopolitical storm and external pressures.

Evaluate your current supplier selection processes, fix what needs fixing, and don’t hesitate to explore innovative approaches and solutions.

And remember: with the right strategy and tools, you can transform risks into opportunities!