1 / 47

Supply Chain Risk Leadership Council February 2007 Tim Astley Strategic Risk

Creating Value Through Resilience An insurer’s perspective on supply chain risk management. Supply Chain Risk Leadership Council February 2007 Tim Astley Strategic Risk Zurich Risk Engineering. Structure of presentation. Overview of SCRM – setting the context Tools and techniques

emil
Download Presentation

Supply Chain Risk Leadership Council February 2007 Tim Astley Strategic Risk

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Creating Value Through ResilienceAn insurer’s perspective on supply chain risk management Supply Chain Risk Leadership Council February 2007 Tim Astley Strategic Risk Zurich Risk Engineering

  2. Structure of presentation • Overview of SCRM – setting the context • Tools and techniques • Where is value added?

  3. E.G. LEVEL 1 Process Value creation (production) LEVEL 2 Infrastructure Physical flow (logistics) LEVEL 3 Organisation networks Strategic (partnerships) The concept of supply chain networks* * From Cranfield University – Supply Chain Risk

  4. Where does Zurich fit in to the supply chain picture? Supplier – insurance products (quotes, policies, claims) Customer – e.g. outsourced services, IT Partner / advisor – tools and techniques Stakeholder – risk transferee (Property, BI, Liability, Marine/Cargo, D&O, etc)

  5. Liability Marine Marine Liability S1 SL1 M1 M2 CL1 C1 What supply chain risks interest an insurer? D&O Property BI customer supplier How well are these understood?

  6. What does an insurer want to know? • As much information about the risks as possible(!) • How well are they understood? • How well are they managed? • How well are they controlled? • The better a risk is managed and controlled, the more comfortable an insurer is (and the CEO)

  7. Why are things changing? • Greater complexity • Change of risk profile when a company outsources • High profile / high cost insured events • BI claim frequently > property damage • Focus on resilience

  8. Supply chain risks? • Risks in a company’s supply chain which threaten the success and reputation of the business. • What does this mean in practice? • Properly managing the supply chain • Optimising / protecting the profit flow • Focussing on resilience • Two perspectives on the same thing: • SCRM • Loss-of-Profits Insurance

  9. A few words about resilience The ability of an organisation to resist being affected by an incident OR The ability to recover (quickly) from major disruptions back to normal business processes

  10. Resilience • Influenced by internal organisation, resources & supply chain. • May be inherent, a reflection of ability and commitment, … … or the result of careful planning • Can imply slack, surplus, spare, redundancy – and cost • Or good BCM • Investors like it - expect a “no-surprises” result • It is music to an insurer’s ears

  11. How does this lead to engagement in the bigger conversation? • Enterprise Risk Management • Business Continuity Management • Supply Chain Risk Management • Traditional (Insurance) Risk Management

  12. ERM, BCM, SCRM • The supply chain is relevant in each • Insurers are interested in aspects of each, just as the Board and shareholders and other stakeholders are interested… • …just from a different perspective • But still evidence of ‘silo’ thinking • Need to coordinate the disciplines

  13. Tools and techniques

  14. What tools and techniques does Zurich use to evaluate supply chain risks? • ‘Traditional’ • Risk grading and benchmarking • Interdependency analysis • Qualitative risk analysis techniques • Adherence to standards • Risk quantification

  15. ‘Traditional’ • Site risk assessments • Evaluations and risk improvement recommendations • Due diligence • Standards of care guidelines • e.g.Marine

  16. Risk grading and benchmarking • Risk Grading • e.g.Property, BI, BCM, Extended Perils, General & Product Liability, Machinery Breakdown • Benchmarking • Promotes best practice (internal & external) • Particular value in asset management • Less easy for evaluating SC complexity

  17. Interdependency analysis • Risk definition • Supply chain mapping • Loss of profits modelling

  18. Risk Definition Key risks rated as shown: 1. Like-for-like sales growth 2. Customer satisfaction 3. IT network resilience 4. Sarbanes Oxley 5. Health and safety 6. Business Continuity 7. Legislation 1 6 Likelihood 7 2 5 4 3 Impact NEED TO UNDERSTAND WHAT EACH RISK REALLY MEANS

  19. Loss of Profits Cost of Temporary Solution Loss of profits modelling Total Insurable Loss Cost = • Loss of Profits…+ …Costs of the temporary solution (ICOW) Need full understanding of supply chain and associated risks ICOW GP Time

  20. Supplier Supply chain mapping Strike a balance between pragmatism and complexity

  21. Qualitative risk analysis • Scenario definitions • Risk profiling • Risk interdependency mapping. • Risk appetite (e.g. BIA)

  22. Scenario definitions • Structured approach to gain common understanding of risk • Risk profiling 1 6 Likelihood 7 2 5 4 3 Impact

  23. 1 6 7 2 5 4 3 Qualitative risk analysis – Zurich approach Risk appetite Likelihood Impact

  24. 1 6 7 2 5 4 3 Qualitative risk analysis in BCM • Business Impact Analysis (BIA) • Identify the key processes and activities • Determine the impact upon the business if these were disrupted or lost • Consider the GAP (MAO, RTO, etc). E.g. financial, market, customer loyalty impacts • Conduct a risk analysis to identify the potential threats – prioritise resources Likelihood Impact

  25. 1 6 7 2 5 4 3 Qualitative risk analysis • Enables: • Effective communication of risks • Understanding of interrelationships • Prioritisation • Focus on key issues • Efficient BCM / SCM / ERM Likelihood Impact

  26. Yourhealth com TotalRisk Profiling on Healthwatch 14.04.2000 Probability Annual Loss Amount Quantitative techniques • Actuarial techniques • Retention studies • Total cost of risk • Evaluation of real loss / claims data • ‘Simulation’ of data in difficult areas • Combine and analyse

  27. Risk quantification

  28. Risk quantification • Enables: • Greater insight into exposure analysis • Efficient capital allocation • Total view

  29. The spectrum of supply chain management activity* CHANGE MANAGEMENT (implementation of modifications) PLANNING (‘ideal world’) MANAGEMENT (established supply chain) * Haywood, M. (2002), “An Investigation into supply chain vulnerability management within UK aerospace manufacturing supply chains”

  30. When would Zurich apply these tools? PLANNING CHANGE MANAGEMENT MANAGEMENT Benchmarking, loss lessons, claims analysis Traditional - site surveys, gradings Traditional - site surveys, gradings Risk quantification – actuarial techniques, retention studies, total cost of risk Interdependency analysis Benchmarking, loss lessons, claims analysis Qualitative risk analysis techniques Qualitative risk analysis techniques Adherence to standards Adherence to standards Risk quantification

  31. Adding value - Insurers’ perspective • Companies with genuine business resilience want credit for it. • Underwriters’ view of risk is strongly influenced by the quality of data • Insurers need: • Loss potentials accurately modelled • Continuity plans fully detailed • To be convinced that plans will succeed • To understand supply chain exposures • This will reduce doubt and allow more ‘accurate’ insurance pricing • Creating added value for all

  32. Exceeding Probability Impact on GP (BI Loss Estimate) Adding value - the insurers’ perspective Business Continuity Plans (BCPs) Implemented Original EML

  33. Exceeding Probability “Resilience Adjusted” EML Impact on GP (BI Loss Estimate) Adding value - the insurers’ perspective

  34. Greater focus on BCM and SCRM greater awareness about supply chain exposures reduction of surprises more dialogue with insurers more opportunity to create value Finally…

  35. Thank-you Tim Astleytim.astley@zurich.com+44 (0) 1423 359564+44 (0) 7730 735396

  36. Supporting material

  37. Adherence to standards • Standards in SCM? ERM – e.g. COSO, etc • Standards in BCM – e.g. NFPA 1600, BS 25999, ISO?? • BCM still not widely understood • Big kick to major customers’ desire for assurance • Knock-on effect in SC • Insurers see value • Impending internationalisation

  38. SL1 CL1 C1 M1 S1 M2 ‘Marine’ risk management • Addresses mostly hijackingand theft • ‘Small’ loss events can create major disruptions – how big? • Can effect reputation • Surprisingly under-developed • Need to address the basics – security, handling, minimum standards of care • Use of technology – long way to go • Value to be gained

  39. High risk Assurance of supply Partnering Low risk Process Leverage Low cost High cost SC issues in Europe – Zurich’s observations • Growing focus on CSR • Assessment and audit of suppliers (threat to brand) • Reduction of supplier base – risk-based • Outsourcing / offshoring • Supplier (and customer) positioning • Growing interest in risk measurement

  40. Consequences Trigger Vulnerability How? How Big? What? Where? Why? How Bad? Controls? When? How Much? Analysis Parameters • DEPTH of analysis • DURATION of analysis • DATA available • SCOPE of analysis • PERSPECTIVE of analysis • TIME HORIZON Interdependent factors which determine the true value of the analysis

  41. ‘Headline’ risks • Avian flu • Pandemics • Cyber risk • Infodemics • Climate change • Single-issue campaigning • Strikes • Brand damage, etc • All impact the broader supply chain – but how?

  42. Planning hold-ups delay expansion and refurbishment of retail outlets Year-on-year sales growth is a key industry performance measure Decline in like-for-like sales growth Competitor pre-empts legislation change Possible new legislation will change buying habits Only one supplier of key customer systems technology Failure to meet earnings targets Fire at key supplier - no BCP Loss of market share Customer systems dependent on IT infrastructure(robust back-up procedures) IT back-up systems failure Company subject to Sarbanes- Oxley legislation(extensive compliance programme underway) Company fined,MD gaoled SEC finds non-compliance Understanding Risks Better Consequences Trigger Vulnerability Damage to reputation

  43. Interdependency analysis • Importance of value flow vs. physical flow • Proper appreciation of the risks • Address complexity • Measure financial impacts • Enables ‘what-ifs’ • Imprecise by nature • Prioritisation • Resource and capital allocation • Strategic decisions

  44. (Deloitte BCM survey – 2005) What new issues are we faced with and how do we view them? • Greater BCM and SCRMfocus  greater awareness about non-insured risks • What are the other drivers?

  45. EXTERNAL 1 Change in regulation or tax rate Interruption to communication systems. Fuel shortage 2 3 Restrictions on use of buildings, staff availability or deliveries due to external influences 4 Insolvency (customers and suppliers) 5 Interruption at customer / supplier 6 Raw materials Extortion, fraud, theft and virus 7 Reputation 8 1 Staff illness INTERNAL 2 Fines, penalties and closures Product-related 3 4 Errors 5 Latent defects 6 Demand / competition Uninsured concerns - brief customer survey(Red = High) = Supply chain related

  46. Possible supply chain triggers • Insolvency of customers or suppliers • Denial of access, restriction on suppliers’ use of buildings • Strikes – suppliers, transport and customers • Interruption to their utilities or communications systems • Customer / supplier staff illness • Unavailability of raw materials • Failure of supplier’s suppliers • Any other incident outside their control that prevented supply Which would be of most interest? Any more?

  47. More value to protect - collateral damage (Iceberg principle) Insured risks Business interruption, product liability, debris removal & salvage, hire Workers compensation, public liability, assets, tooling Indirect costs Direct costs Investigation costs, loss of goodwill, brand, image, hiring, training, legal, overtime, temporary hire, loss of expertise, emergency supplies, records/data Sick pay, repairs, lost/damaged product Uninsured risks

More Related