The supply chain can stretch locally or internationally. The chain can be short, with a smaller firm tied to a supplier or two, or long and complex. The biggest retailers and manufacturers can have supply chains made up of thousands of links, with thousands of suppliers, in myriad locations.
With so many moving parts and firms to deal with, “know your supplier” may take its place as an enterprise’s mantra right alongside “know your customer.” Risks can spring up along the supply chain, with lack of compliance, say, for parts or goods sold or documentation related to payments.
Earlier this month, Zycus, a procurement technology company focused on sourcing to payments, and Global Risk Management Solutions (GRMS), which offers compliance screening, said they had formed a strategic partnership to help mitigate supply chain risk.
In an interview with PYMNTS, Richard Waugh, vice president for corporate development at Zycus, and Gerard Smith, president at Global Risk Management Solutions, said that the partnership between the two firms is designed to bring the former’s software together with the latter’s services. Waugh noted that suppliers, through online portals, offer information on a self-service basis and across a variety of data points, from financial information to insurance documents. The overarching theme, said the executive, is one of “trust but verify,” wherein GRMS helps with the verification part of the equation.
Smith told PYMNTS that one area that demonstrates risk tied specifically to compliance is also one of liability — a vast majority of firms may not have certificates of insurance in place or updated. In that event, liability can shift from a supplier to a corporate entity. Similarly, not maintaining or obtaining the right tax documentation related to suppliers (such as W-9 forms) can create regulatory pain points.
One question the partnership seeks to answer, said Smith, is not easily confirmed by traditional methods of supplier interaction, which can take place at the most basic levels. “The first information firms get is minimal information,” he said, and can be limited to invoices, with confirmation of names and tax identification numbers. But that data, he added, “does not answer the question of whether you should be doing business with that firm in the first place.” Both Smith and Waugh noted that enterprises tend to evaluate supplier risk infrequently, on the order of once a year, where the combined efforts of Zycus and GRMS seek to provide alerts in real time when changes are made and when documentation is suddenly out of date. Such alerts, on a push basis, “can bring value to buying organizations and also visibility.”