Dream B.I.G. (bridge information governance) with SIM
“All men who have achieved great things have been great dreamers.”
– Orlson Swett Marden
I dream BIG. I can imagine an environment where organizations have great Supplier Information Management software in place. Further, I imagine that, even though complex organizations have a large number of variations and permutations in business requirements, order can be achieved out of supplier information chaos. And, I see high performing procurement organizations leveraging all the procurement levers to sustain bottom line savings value because of this.
Imagine…
Within Accounts Payable…
- W8/W9, and other tax forms…
What if you could, using a supplier onboarding software solution, automatically collect the necessary W8 or W9 with an automatic TIN check against the IRS database (or VAT, or similar)?
- Returned checks…
What if the suppliers could enter their banking details online, with automatic SWIFT check, to ensure that payments are correctly issued to the proper bank account?
- Finding/Identifying proper supplier/bank for payment…
What if, upon paying a supplier, the correct supplier record is identified by business relationship?
- Communicating with suppliers to extend payment terms…
What if your suppliers can automatically be contacted with requests to extend payment terms, with an ability to approve the terms online – and have the new terms automatically communicated with any necessary downstream system?
- AP helpdesk (e.g., invoice collection, status, etc.)…
What if suppliers could both submit their invoices online, as well as go to their same supplier portal to check on status?
- Fraudulent payments (false invoices, bank acct modification, etc.)…
What if suppliers load their invoices into one system, matches the invoice to business relationship and requests verification from the proper stakeholders – and what if no employee can modify a banking account profile without proper checks and balances? (note: industry average is 4+ per company, each 2+ years before catching the fraud, with a cost of $175k per year)
- Early payment discounts…
What if existing suppliers are automatically prompted with an option for early payment, for a reduced rate, and, upon approval, the downstream systems are automatically updated with the information needed to adjust the payment date and payment amount due?
Within Legal…
- Searching for contracts…
What if, whenever legal (or sourcing) had to locate a contract, they could go to one system of record – and be able to locate it by supplier, by supplier relationship, by meta data, by full text search, or other?
- Standardized contracts…
What if, any time a contract is issued to a supplier, the issuing party can leverage a central repository for standard contracts, as well as have any supplier-signed contracts automatically routed to legal for final review?
- Liability…
What if all contractual insurance requirements are communicated with the supplier, the supplier is prompted to load their COI appropriately, and verification of coverage is routed to the appropriate personnel (with quick view)?
Within Sourcing…
- Rebates…
What if, upon contract execution, rebate thresholds are captured and, upon exceeding the predetermined spend amount, the supplier is automatically notified, with supporting documentation, that a rebate is due?
- Off-contract spend…
What if, upon a supplier add request, the details of the supplier and commodity are routed to sourcing (and/or other stakeholders) who can review the request against existing preferred suppliers – and, upon receiving the request, they can approve, deny, recommend, or request further reasoning – before any new suppliers are onboarded?
- Supplier growth…
What if, systematically, the supplier management software minimized all new requests, not just sourced commodities, so that all costs related to onboarding and managing the incremental new suppliers are minimized?
- 3rd Party Data Enrichment (e.g., parent/child, commodities, etc.)…
What if suppliers could manage their own organizational structure (parent/child), diversity/small status with supporting documentation, commodities and coverage, and financial data, so that 3rd party enrichment of these elements are either minimized or eliminated?
- Supplier research…
What if, whenever stakeholders needed to find relevant information on suppliers (e.g., contacts, items purchased, location, spend, internal buyer(s), etc.), they could go to one location and quickly drill into each supplier detail, or view across subsets of suppliers?
- Identifying new suppliers…
What if, in addition to having a repository of existing suppliers, potential suppliers had the ability to “register” to do business, enter their qualifying details by commodity (e.g., coverage areas, specialties, other RFI-type questions), so that sourcing can quickly identify and prequalify potential new suppliers?
- Walk-up suppliers…
What if, by providing potential suppliers a thorough registration process, by commodities offered, and by providing them with automatic alerts of status and upcoming projects, they minimize incoming emails and phone calls?
- Ad-hoc spend analysis (aggregation, cleanse, etc.)…
What if, by having a standardized method of categorizing suppliers, and corresponding spend (by business unit, by legal entity, etc.), stakeholders could quickly create reports to analyze spend, growth, maverick units/people, etc.?
- Contract research…
What if, on all existing suppliers, their contracts are stored with their profile and can be searched by contract type, expiration date, full text, or any other relevant metadata?
- Market-making research…
What if, in addition to the supplier profile, sourcing could quickly assess the market, across existing and potential suppliers, by regional capabilities, or any other relevant data point?
Within Diversity…
- Small business compliance…
What if small business spend is quickly reported on, by each specific ISR/SSR requirement, and you can adjust the spend appropriately prior to an audit?
- Small/diverse information…
What if, on both potential and existing suppliers, all relevant small/diverse information is collected, such as: commodity, revenue, number of employees, gender, ethnicity, certification agencies, etc.?
Within Risk and Performance…
- Reputational/brand risk…
What if, automatically, suppliers are prompted to verify their social responsibility and governmental obligations (e.g., RoHS/REECH), and supplier factory audits are coordinated appropriately, in order to have full accountability and traceability of any issue that may harm the corporate brand?
- Supply chain disruption reaction time…
What if, upon or even prior to a supply chain disruption, the key stakeholders are notified of the potential issue, is equipped with all relevant information (e.g., type of incident, products impacted, alternative suppliers, etc.) so that they can act quickly to minimize costs of alternatives, prior to a competitor locking up available bandwidth?
- Tier-n insolvency…
What if, in addition to having visibility into Tier-1 supplier financial risk/insolvency, you had the same visibility into key Tier-2 through n suppliers, and could identify risky suppliers and probable switching costs, prior to the disruptions flowing upwards?
- Loss of revenue due to supply chain disruption…
What if, upon a supply chain disruption, stakeholders had real-time information on potential substitute suppliers (e.g., manufacturers, ports, etc.) to ensure that delay of products/services to the customer is minimized?
- Supplier scorecards…
What if, systematically, all relevant suppliers are properly scorecarded, using supplier-provided, internally-provided, system-provided (e.g., short-ships, late ships, etc.), and 3rd-party data provided information, so that risky suppliers can be quickly identified, and so your organization can work with strategic suppliers to improve productivity/quality?
- Collect of risk metrics…
What if all risk metrics, regardless of source system or input, were quickly assessable in one location?
- Managing the scorecarding process…
What if all scorecarding was standardized, with an ability to modify by special circumstance (commodity, region, plant, supplier-type, etc.), and the process is automatically driven from publishing through review?
- Business Continuity Planning research…
What if you had full visibility into the supplier map, and supplier capabilities and localized risk (e.g., frequency of hurricane, port strikes, etc.) in one central location – with the ability to automatically, through the system, request additional information from the supplier(s)?
- Enforcing/communicating mitigation plans…
What if, upon issuing a mitigation plan, all relevant parties are informed of their requirements, information is automatically collected from the relevant parties, and a process of checks and balances are automatically driven, with full audit visibility?
Supplier Master…
- Onboarding cycle time…
What if the supplier onboarding process, whether lean onboards or full process, was thorough, yet streamlined and efficient, enabling your organization to bring products to market quicker?
- Supplier helpdesk…
What if, during supplier onboarding, the proper relevant information was required from the supplier, and by the correct supplier personnel, with supporting communication/documentation, to ensure the supplier is not confused about what is needed from them, or where they are within the process?
- Syndicating enrollment forms (e.g., by country, etc.)…
What if, during supplier onboarding, the information collected is automatically determined and asked of the supplier, whether by country, by commodity provided, or other?
- Data reentry…
What if, for any supplier provided information, the data was electronically captured and routed (as needed), and, for data that is necessary for relevant downstream systems (e.g., ERP AP, etc.), the data is syndicated automatically to those systems as needed?
Procurement IT…
- Aggregation efforts (e.g., reports across downstream systems)…
What if, at any time supplier data is needed, and whether the information resides across systems, the information was already readily available, and accounted for by business relationship, in one system?
- ERP modifications (e.g., ABAP programming, etc.)…
What if what information is gathered on suppliers does not need ERP modifications?
- Contract Management…
What if all buy-side contracts were stored in the supplier management system, with the rest of the supplier profile, so you didn’t need a separate contract management system?
- Spend Analysis…
What if all supplier-level spend reports were available through the supplier management system, so you didn’t need a separate spend analysis system?
- Supplier Diversity Portal…
What if all diversity requirements were captured, whether existing or potential suppliers, within the enterprise supplier management system, so you didn’t need a separate supplier diversity portal?
Within Compliance…
- SOX compliance…
What if, upon all supplier adds and/or modification of SOX-related information (e.g., banking), a separation of duties is automatically and systematically inherent in the process?
- FCPA / UK Anti-bribery compliance…
What if you had centralized control of FCPA/Anti-bribery initiatives for the collection of information (including employees, third parties, intermediaries, partners, and subsidiaries), can track and manage policies and business practices with your third-party contractors, government officials, and transactional partners, and provide real-time, auditable status?
- Information Security collection…
What if, automatically, all relevant suppliers that must adhere to Information Security requirements are published the relevant surveys, and, upon completing the surveys, the results are routed to approvers for review?
- ISO20001 collection…
What if, automatically, all relevant suppliers that must adhere to IS020001 requirements are notified that they must provide the necessary documentation, with the results being routed to approvers for review?
- SAS70 collection…
What if, any suppliers providing hosted services, are prompted to submit their SAS70 certification, and upon requiring an NDA for 3rd party providers (e.g., supplier uses Rackspace, or other), the NDA process is submitted to the supplier upon request?
- Non-Disclosure Agreement…
What if all suppliers that handle sensitive information are prompted to execute the corporate standard NDA, and stakeholders are aware of the status (e.g., received and reviewed) and/or expiration date – and, upon nearing expiration, the supplier is prompted again to execute a now-current version?
- Conflict Minerals Reporting…
What if all suppliers that utilize minerals, such as cassiterite, wolfremite, coltan, and gold, in their product (identified through the BOM) are prompted to verify they did not obtain it from a mine or smelter in Congo – and, if they weren’t the direct acquirer, would be prompted to provide their suppliers so that the same process can continue until full verification of conflict mineral compliance is guaranteed?
- Corporate Social Responsibility…
What if, upon onboarding a new supplier, or upon any new CSR changes, the suppliers are automatically prompted to enter their commitment?
- OFAC/debarment checks…
What if, upon supplier onboarding, the supplier name is checked against the OFAC and debarment lists to ensure you are not doing business with excluded parties – and, if upon a potential match, an internal stakeholder is notified to take any necessary corrective action?
- Certificate of Insurance…
What if, upon supplier onboarding, and at preset intervals, the supplier is prompted to supply the specific certificates of insurance necessary for the products/services being provided, with your organization named as an “additional insured”, and upon submitting the COI, it is routed to an internal verifier to ensure the certificate matches the coverage amount claimed?
- Health, Safety and Environment…
What if, at regular intervals, the supplier is prompted to submit all necessary information/documentation for Health Safety and Environment compliance?
- Audit coordination…
What if, whenever a supplier provides goods/services that require a factory (or other) audit, an auditor is informed of the process and necessary documentation, and, when the auditor has follow up questions, they have an auditor forum to rely on, and as they enter their results to be reported on, all the information is auditable?
- RoHS/REECH compliance…
What if suppliers that use hazardous substances are enrolled in the RoHS/REECH compliance process to determine fit for RoHS, REECH, or both, and upon enrolling, all supporting documentation of substance and use are provided by the supplier, and reportable/auditable?
- External audits…
What if, whenever your organization is being audited for on any governmental/compliance area, you and the auditor had one source of information for all compliance initiatives, all documentation, and with time/date stamps?
- Other compliance items…
What if, for any other compliance initiative, your organization could quickly define the surveys, the processes, and scope, and utilize a system-driven approach to collect all necessary information?
… and their fines/penalties…
- SOX…
What if, though a system-driven approach, your organization was able to fully eliminate, or minimize, SOX-related exposure – and, if audited and some non-compliance remained, what if your organization was able to prove “best faith effort” in ensuring compliance? (note: industry average fine is $1.7m)
- FCPA / UK Anti-bribery…
What if, though a system-driven approach, your organization was able to fully eliminate, or minimize, bribery-related exposure – and, if audited and some non-compliance remained, what if your organization was able to prove “best faith effort” in ensuring compliance? (note: industry average fine is $3.5m)
- Information Security…
What if, though a system-driven approach, your organization was able to virtually ensure Information Security compliance within the relevant suppliers?
- SAS70 / ISO20001…
What if, though a system-driven approach, your organization was able to virtually ensure SAS70 / ISO20001 compliance within the relevant suppliers?
- NDA…
What if all suppliers that are privileged to confidential information were bound by non-disclosure, with the threat of considerable penalty for non-compliance? (note: industry average cost for loss of proprietary information is $350k with 4+ incidents per year)
- CMR…
What if, though a system-driven approach, your organization was able to fully document the supplier map and ensure that no minerals originated (mine/smelter) from a conflict region?
- CSR…
What if, though a system-driven approach, you were ensured that all suppliers were fully aware of, and agreed to, your social responsibility requirements – and, upon non-compliance, your organization could document your requirements, the steps your organization took to ensure compliance (e.g., training, commitment, audits, etc.), and their binding agreement to uphold your standards?
- OFAC/debarment checks…
What if, though a system-driven approach, your organization was able to fully comply with governmental debarment checking? (note: average penalty for OFAC/debarment non-compliance is >$1m)
- HSE…
What if, though a system-driven approach, you were ensured that all suppliers were fully aware of their Health, Safety, and Environmental requirements – and, upon non-compliance, your organization could document the requirements, the steps your organization took to ensure compliance (e.g., training, commitment, audits, etc.), and their binding agreement to uphold the standards?
- RoHS/REECH…
What if, though a system-driven approach, your organization was able to fully eliminate, or minimize, RoHS/REECH-related exposure – and, if audited and some non-compliance remained, what if your organization was able to prove “best faith effort” in ensuring compliance?
- W8/W9…
What if, though a system-driven approach, your organization was able to fully comply with the IRS’ guidelines on W8 or W9 collection? (note: cost of each missing W9 is $100, and missing W8 will become a FACTA nightmare)
- Other…
What if, whenever a governance/compliance requirement exists, you can minimize your exposure and provide auditable “best faith effort” in the case of any non-compliance from a supplier?
And…
- Printers, ink and scanners…
What if, for the 99% of suppliers that have email, all supplier communication (whether form necessary upon enrollment, or periodic communication/requests) were handled electronically to eliminate the need, and cost, to print or scan?
- Postage…
As above.
- Duplicate audits…
What if visibility of all supplier relationships, across the enterprise, was available, so that supplier audits can be coordinated and done without duplication of efforts?
- Travel and Expense…
What if your organization had deeper information on each supplier, was able to stay in front of supplier performance issues, and/or had visibility into both nearby employees and/or additional suppliers, so that travel could be reduced?
- Error reconciliation…
What if you can minimize all costs due to data error reconciliation?
- Finding missing information…
What if you could ensure that all supplier information was readily available in one location, and viewable only be authorized personnel – and/or necessary supplier information can be emailed to internal stakeholders, as needed, to ensure they are kept apprised of necessary information changes?
- Duplicate efforts…
What if all supplier duplicate records were eliminated, but still accounting for dynamic data (e.g., multiple banking accounts, various business relationships, etc.), so that duplicate supplier management efforts are eliminated? (note: industry average is 30%+ at 2 systems)
- Missing email addresses…
What if suppliers provided not only their own contact/email details, but also backup/escalation contacts – and contacts specific to each functional area (e.g., support, finance, executive sponsorship, etc.)?
- General supplier communication…
What if, systematically, your organization could communicate with one, a subset, or the whole supplier community on any program changes, or needs?
- Approval processes…
What if all approvals were routed to the appropriate person, they were notified and could respond appropriately, as well as have the ability to reroute/escalate in the cases of absence, etc.?
- Supplier performance reviews…
What if all internal stakeholders are notified of their role and responsibility within a supplier performance review, they had visibility of the process, and had online help as needed?
If you have gotten to this point, you’ve been in a long, long dream. What if we all get carried away dreaming big – and no one is left to act?
Don’t worry, and no need to dream, because this is now possible. This is Supplier Information Management.