Home Procurement Digital Procurement for Supplier Compliance Risk Evaluation

Digital Procurement for Supplier Compliance Risk Evaluation

Supplier Compliance Risk Evaluation
Earn Accredited Designation Awards via Online Learning

Digital technologies for procurement are advancing by leaps and bounds in the age of digitalisation. Cognitive computing, Cyber tracking, Block chain, Sensors, Wearables, Augmented Reality (AR) and Virtual Reality (VR) to name a few, are no longer unfamiliar terminologies for those who are in the procurement field. As a result of globalisation, companies have a pool of suppliers that are present in different geographical areas across the world.

With limited or little knowledge of these suppliers and the different environments that they operate in, managing supplier risk and compliance is an uphill struggle for the procurement teams, and this has led to increased risks in global business or supply chains.  

The world’s largest trade pact, Regional Comprehensive Economic Partnership (RCEP), which covers almost one-third of the world’s population was signed on 15th Nov 2020. This represented a significant milestone and more work to bring about greater transparency among the member countries in terms of laws, rules and regulations and measures e.g. Standards of Intellectual Property (IP) protection and enforcement need to be done.

With evolution of digital solutions in procurement, the data inputs such as contracts, specifications, movement of goods etc have offered better visibility or insights, which will navigate the procurement teams towards better decision making, greater efficiency and effectiveness. As a result, supplier compliance risks can be managed and mitigated accordingly.

Characteristics of Digital Procurement

Digital procurement enables businesses to buy smarter, with real time exchange of updates and documents, which will mitigate supply chain risks. There are three distinctive characteristics of digital procurement namely Sourcing to Contract(S2C) has become predictive, Procure to Pay(P2P) has become automated and Supplier Risk Management (SRM) has become proactive.

  • Predictive Source to Contract(S2C)

With high visibility of the supply bases, prices and costs, transparent agreements with best value suppliers can be achieved. Disruptive technologies e.g. cognitive computing can help to predict future demand, sources of supply and contracts renewals.

  • Automated Procure to Pay(P2P)

An automated, centralised database P2P will simplify both purchasing data management and streamline all procurement processes from sourcing to invoice processing and payment interface. Based on the Accenture research in 2018, Robotic Process Automation (RPA) can help to reduce invoice processing time by 72% and produce accurate three-way match (Purchase Order, Goods Received Note, and Invoice).

  • Proactive Supplier Relationship Management (SRM)

With the help of digital technologies, Supplier Risk Management is becoming more pre-emptive or proactive. For instance, procurement professionals can now conduct supplier site visits through the deployment of Augmented Reality (AR) and monitor supplier risks in real time via advanced visualisation of third-party data.

Banking Sector
Image taken from SIPMM: https://publication.sipmm.edu.sg/digital-procurement-banking-sector/

Defining Supplier Compliance

Supplier compliance means adhering to a rule such as standards, laws, specifications, and policy. Many companies have expanded their supplier compliance coverage or requirements over the years, not only conforming to the relevant laws but also taking a more proactive approach to be perceived as socially responsible “Global Corporate Citizen”.Sustainability is one of the key measurements when it comes to supplier compliance in recent years. According to Shelton group’s report in 2016, “Sustainability” is receiving 49,500 searches per month on average in the United States. The top three key attributes of sustainability that have gained popularity amongst companies include Ethics and Business conduct, Health and Safety and Environment. Hence, both sustainability and supplier compliance are mutually inclusive, and this equates to ethical procurement practices.

Compliance Management in Practice
Image taken from http://www.chainlinkresearch.com/media/docs/original/Supplier_Risk_and_Compliance_Management_in_Practice.pdf

Importance of Supplier Compliance Programme

The supplier compliance considerations for procurement should take into account the other side of the equation which is “What happens if supplier compliance programme is not implemented, not just for the individuals, but for the whole company and country?” Petrobras suffered an estimated loss of USD 21 billion in 2015 due to a corruption scandal. The impact of this corruption scandal is still unfolding, and this has resulted in significant damage to Petrobras’s brand as well as Brazil’s image as a destination for investment.

Hierarchy of Suppliers Segmentation and its compliance focus

Supplier segmentation will help companies to better allocate their resources efficiently so that supplier compliance can be managed more effectively. Procurement teams can apply a customised strategic approach for each relationship based on its level of criticality to the business.

  • Transactional Suppliers

Refers to one-off or short-term business relationship and there could be thousands of them in the company’s list. Usually, they belong to “Non-Critical” to the business. The focus is only on the contract compliance and basically there is no risk scorecard at all.

  • Critical Suppliers

Refers to frequent dealings or short to midterm business relationship. This group of suppliers may have direct impact on time, quality, money, and reputation of the company. Hence, Risk Management must be conducted, and their performance will be measured based on risk scorecard. 

  • Strategic Suppliers

Belong to the highest rated category of suppliers which have close or long-term relationship with the company and there is some level of integration into each other’s commercial success or joint value. This group of suppliers are usually selected from the “Critical Suppliers” list after going through the rationalisation and alignment phases. There will be strategic Quarterly Business Reviews (QBRs) and joint approach to performance improvements.

Suppliers Compliance Risk Evaluation

Risk evaluation is crucial for “Critical Service” supplier on boarding decisions. Performing Risk Evaluation on “Critical Suppliers” helps contracting companies understand the potential impact of the services offered by this segment of suppliers.

  • Risk Assessment

It is a process of evaluating the risk(s) due to a hazard(s) or impact(s), considering the adequacy of any existing controls, and deciding whether or not the risk(s) is acceptable to the contracting company or business. Risk assessment requires an evaluation of two principal factors namely Likelihood (Frequency of using the service and previous use or performance) and Severity or Impact (The scale of the consequences of the occurrence eg potential risk to human health and safety, inability to fulfill contractual requirements including breach of regulatory or common laws, company reputation etc). Each component is given a score from 1 (lowest risk) to 5 (highest risk).

  • Risk Factor

Risk Factor is calculated by multiplying the Likelihood by the Severity rating. It represents the level of risk involved in working with the supplier, with minimum score of 1 and maximum score of 25(based on the 5 by 5 matrix). Assessing business risks is a proactive approach in minimising problems in the supply chain. Hence, it is important that the calculated risk factor is considered during the evaluation and onboarding process.For instance, if the Likelihood is “Seldom”, its rating will be 2, while Severity is “Major”, its rating will be 4. Hence the Risk Factor will be 2 multiply by 4, which equals to 8 and its risk level will be classified as “Moderate” as indicated in the chart below:

Risk Management Guidance
Image taken from GAC Group Risk Management Guidance
  • Determining the Needs for Controls

Having completed a Risk Assessment and after taking into account of the existing controls, the company should be able to determine whether the risk level posed by the supplier is acceptable and whether the existing controls within the company are adequate or need improving. The end in mind here is to bring the risk level to As Low As Reasonably Practicable (ALARP) especially for those critical suppliers which fall under the “Moderate” and “High” risk level. If risk reduction is not possible, the company should not work with the relevant suppliers, and alternatives should be sourced instead.

The full content is only visible to SIPMM members

Already a member? Please Login to continue reading.


Accenture. (2018). “Procurement’s next frontier: How intelligent automation dramatically reduces cost and transforms the growth agenda”. Retrieved from https://www.accenture.com/t20180223T092928Z__w__/sg-en/_acnmedia/PDF-71/Accenture-Procurements-Next-Frontier-PDF.pdf, accessed on 02/12/2020.

Bill McBeath, ChainLink Research (2012). “Supplier Risk and Compliance Management in Practice”. Retrieved from http://www.chainlinkresearch.com/media/docs/original/Supplier_Risk_and_Compliance_Management_in_Practice.pdf, accessed on 02/12/2020.

Constantin Draghici (2020). “GAC Group Risk Management Guidance Rev. 3”. Accessed on 02/12/2020. 

Deloitte. (2017). “Digital Procurement”. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/us/Documents/process-and-operations/us-cons-digital-procurement.pdf, accessed on 02/12/2020.

Eliza Huang, GDPM. (2019). “Digital Procurement for the Banking Sector”. Retrieved from SIPMM: https://publication.sipmm.edu.sg/digital-procurement-banking-sector/ , accessed on 02/12/2020.

Elsa Zhang Chunhao, DPSM. (2019). “Mitigating the Risks of Global Sourcing”. Retrieved from SIPMM: https://publication.sipmm.edu.sg/mitigating-risks-global-sourcing/, accessed on 02/12/2020.

Institute for Supply Management (ISM) (2019). “A Supply Management View of Sustainability”. Retrieved from https://cdn2.hubspot.net/hubfs/620652/White%20Paper_Sustainability_102019.pdf, accessed on 02/12/2020.

Miguel Cassio, Gartner (2018). “Optimize Resources and Achieve Better Results with an Effective Supplier Segmentation Strategy”. Retrieved from https://www.gartner.com/en/documents/3880367/optimize-resources-and-achieve-better-results-with-an-ef, accessed on 02/12/2020.

Shelton Group (2016). “Green buzzwords: the online search edition”. Retrieved from https://storage.googleapis.com/shelton-group/Content%20Library/Green-Buzzwords_Online-Search-Edition.pdf, accessed on 02/12/2020.