We have been conducting annual sourcing surveys for several years, and certain basic patterns have emerged. The results of our surveys closely align to our experience as practicing attorneys in the sourcing space. At the end of the day, our surveys and experience indicate that deals are most likely to succeed when the buying organization recognizes that "the deal" is not just the agreement that emerges from an often intense and compressed negotiation process. To borrow from the popular expression, a successful deal is usually the result of stepping back from the trees to see the forest early on in the process; planning an end-to-end integrated sourcing strategy in this context; and then methodically executing the plan, with a keen awareness that things may (will) need to be changed along the way.
Our most recent survey, "The Company You Keep," surveyed over 100 top sourcing, procurement and risk officers at leading companies around the world. We asked participants a series of questions aimed at identifying the key risks that their respective "extended enterprises" confront given the extraordinary degree to which companies today rely on third party relationships to design, make, distribute, support and sustain their products and/or services in a globalized and connected economy. Among the top findings of our survey was the confirmation that companies now give reputational risk even greater consideration than cost when selecting suppliers and service providers. This underscores the need to implement an integrated strategy when structuring supply chains and third party relationships in order to assess and manage risk.
At a conceptual level, a good integrated sourcing strategy has five key elements, or phases: vetting and selecting; structuring and documenting; education and training; monitoring and evaluation; and reacting and remedying. In practice, all these phases may unfold within the organization more or less in tandem and as part of a broad ongoing process that feeds back onto itself. Each enterprise will approach and structure the process in its own unique way, prioritizing and combining areas of risk and compliance based on numerous variables. These variables include not only relevant applicable laws, regulations and experience with enforcement agents, which can be heavily influenced by the industry in which the company operates, but increasingly include and encompass commitments made under corporate and/or industry codes of social responsibility.
Choosing the right third-party can mean the difference between having a significant asset or a major liability. The goal of
vetting and selecting is to make sure that the third party can not only meet price, quality and delivery requirements, but also comply with regulatory standards.
Structuring and documenting the third party relationship is ultimately about allocating risk through negotiations and contracts. It's when you establish the project scope and processes for monitoring and evaluating whether the third party is meeting those objectives and appropriately managing risk. It's also when you negotiate the remedies for the third party's failure to meet those metrics and possibly offer incentives for high performance. But this phase, if done thoughtfully, can also be used to minimize the residual risk that requires allocation between or among the contracting parties.
Educating and training third party suppliers and providers and making sure they are educating their own employees on relevant laws, regulations, corporate policies and prohibited conduct is extremely important. Our surveys indicate it is one of the key factors that enforcement agents look at when evaluating the adequacy of a company's corporate compliance program during an investigation.
One of the biggest mistakes multinational companies make is conducting thorough due diligence at the beginning of a new third party relationship, negotiating all kinds of contract provisions to get the right to monitor and evaluate their behavior, and then never using them. Of all the five stages,
monitoring and evaluating is where companies fall short most often according to our survey and experience.
Surprises are rarely a good thing in third party relationships. Nor is turning a blind eye to illegal, unethical or potentially dangerous practices you know or suspect your third parties may be engaged in. You may not only have a legal obligation to monitor the actions of your suppliers and providers, but to respond appropriately to any issues that arise and most importantly,
react to and remedy the problem.
Getting all this done is a huge challenge. Add to the challenge that the ground rules are in a constant state of flux and often lag behind ongoing technological and other developments. Many of our laws still presuppose a world of tangible goods that cross borders to a far more limited degree than what we are experiencing today. To some extent, the legal ecosystem has been updated to reflect a world where technology and other intangibles also readily move across borders. But it remains ill-equipped to deal with our globalized world of extended supply chains and ubiquitous data flows. Indeed, just keeping up with the worldwide tsunami of legal developments on the data protection front has become more than one person's job within any global enterprise.
Yet companies are getting the job done. At no time have companies had a greater core of experienced and diverse internal talent on which to draw in organizing and managing their sourcing activities. Never has anyone had greater instantaneous access to such enormous pools of information, much of it free. Innovative companies are bringing to market new cutting edge tool for assessing and mitigating risk across complex supply chains. Counselors around the globe increasingly understand the need to engage in risk-based assessments and provide practical advice. So although the challenges have never been greater, never have we been better positioned to succeed.
Through our survey and experience, we have identified best practices for managing the different phases of the sourcing process, specialists experienced in addressing the issues that are raised in each phase, and tools that help automate and increase the efficiency of collecting information and discharging necessary tasks. As lawyers, we recognize the importance of collaboration between our clients' procurement and sourcing arms and their legal and risk management departments. We have had the unique opportunity to work with many organizations, often when problems arise because of breakdowns in the processes described above. That perspective helps us recognize the advantages of implementing best practices in the first instance.