@scguydan

Concert Interrupted? – An agenda

for the chief supply chain officer to

develop countermeasures for

supply chain risks and disruptions

Danie Schoeman

Concert interrupted

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

China

Typhoon

Philippines

Typhoon

Indonesia

Forestfires

Indonesia

Seapiracy

South Africa

Hijackingviolence

Brazil

Transportstrikes

India

Childlabour

India

Floods

India

Portstrikes

Germany

Anti-Westernterrorism

SchengenStates

Bordercontrols

Turkey

Workingconditions& Bordercontrols

Japan

Counter-feits

China

Portexplosion

China

Factorystrikes

Guatemala

Politicalinstability

Argentina

Workingconditions

Peru

Supplychain

corruption

USA

Floods &Extremeweather

Mexico

UMC –Drugs

Canalcongestion

Panama

Colombia

Cargotheft

Bordercontrols

Chile

Netherlands

Cargotheft

UK

Cargotheft

It can happen to you …

BSI 2015 SCREEN Global Intelligence Report; DHL Resilience360

Mexico

Hurricane

Politicalinstability

Terrorism(ISIS attacks)

Earth-quake

@scguydan

At a hefty price tag

$56 billion+

2015

2014

2013>$300 billion

$57 billion

BSI Global Intelligence Reports

0

20

40

60

80

100

120

140

160

Co

st in

US$

bill

ion

33

93

23

@scguydan

“In one industry after another, supply chains have been stretched farther than they have ever been stretched in the past [with] few [that] have much experience managing supply risks across oceans and continents.” 5

1. BCI Supply Chain Resilience Survey 2014; 2. World Economic Forum Study 2012, Insurance News; 3. UPS Capital: Managing Risk in the Global Supply Chain 2014; 4. Deloitte 2012 Risk Management Report; 5. Ruud Bosman (2006) - The New Supply Chain Challenge: Risk Management in a Global Economy, Factor Mutual Insurance

90%

We coulda, woulda, shoulda

of respondents report at least one instance of supply chain disruption1

of companies DO NOT assess value and supply chain risk continuously4

of firms DO NOT quantify risk when outsourcing production3

of industry experts surveyed believe that supply chain and transport risk management are greater priorities in their companies today than 5 years ago2

81% 79%

90%

have risk managers in their firms, either in legal or compliance, but virtually all of those internal functions ignores supply chain risk3

DO NOT have full visibility of their supply chains1

66%

74%

@scguydan

The C-Suite is in the hot seat …

CEO, 26%

CFO / Treasurer,

23%CRO / Head of

Risk, 19%

Risk Committee (company level),

15%

Legal / Compliance, 14%

COO or CAO, 2% Other, 2%

Primary responsibility for risk management

Risk management is now a C-Suite issue, but “45% of executives lacks confidence in their supply chain risk management programmes.”

Deloitte - Aftershock: Adjusting to the new world of risk management, 2012

@scguydan

…yet commitment is low

34.2%28.6%

40.8%

38.0%

21.1%28.6%

1.3% 3.3%

2013 2014

Chart Title

None

Low

Medium

High

BCI Supply Chain Resilience Survey 2014

How would you assess the current commitment (attention and priority) of Top Management in your organization to managing supply chain risk proactively?, % of respondents

@scguydan

…and immaturity persists

Supply chain risk management remains a relatively immature discipline with only a minority of companies (9%) fully prepared to address potential challenges from supply chain disruptions in increasingly complex environments.

• No risk governance structure • Poor visibility into sources of

supply chain risk and suppliers’ operations

• Limited analysis of potential threats

• No prior anticipation of positioning or response mechanisms

• Risk management processes are documented and integrated internally

• Basic threats and vulnerabilities are analysed

• Scenarios concerning the base integrated plan are conducted to position inventory and capacity buffers

• Postponement product design principles are explored to respond to changing demand

• Minimal visibility of changes/ patterns outside the company

• Formal quantitative methodologies for risk management

• Collaboration across the supply chain

• High levels of information sharing and visibility

• Sensors and predictors used to proactively position response mechanisms

• Products and processes rationalised to reduce complexity

• Monitoring of resilience levels among suppliers

• Business continuity plans are created

• Risk governance is formal but flexible

• Full alignment between supply chain partners

• Supply chain is segmented to match customer value propositions

• Risk sensors and predictors supported by real-time monitoring and analytics

• Supplier segmentation to identify key risks

• Risk strategies are segmented according to supplier profiles and product/ market characteristics

Level 1Ad hoc

Level 3Proactive

Level 2Integrated

Level 4Flexible

9%32%42%17%

Less mature More mature

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

@scguydan

Consequences of supply chain

disruptions are far reaching …

BCI Supply Chain Resilience Survey 2014

5%

7%

7%

7%

18%

18%

24%

27%

34%

35%

38%

41%

45%

48%

59%

Share price fall

Product recall/withdrawal

Regulatory fines for non-compliance

Payment of service credits

Increase in regulatory scrutiny

Loss of regular customers

Product release delay

Stakeholder/shareholder concern

Delayed cash flows

Damage to brand reputation/image

Service outcome impaired

Customer complaints received

Loss of revenue

Increased cost of working

Loss of productivity

@scguydan

…with significant economic impact

39.6%

13.5%

7.7%

14.5%

2.9%

1.0%

0.0%

1.0%

0.0%

19.8%

46.0%

14.2%

8.5%

7.6%

1.0%

0.0%

0.0%

0.0%

0.0%

22.7%

<€50K

€50K-€250K

€251K-€1M

€1.1M-€10M

€11M-€50M

€51M-€100M

€101M-€250M

€251M-€500M

>€500M

Don't know

Single event 12 Month cumulative

BCI Supply Chain Resilience Survey 2014

The world is still not flat, but …

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

The road to globalisation – and

greater risk …“One of the very trends that has increased supply chain risk – globalisation – also provides opportunities to manage risk.”

2014 DHL Global Connectedness Index; R Bosman - The New Supply Chain Challenge: Risk Management in a Global Economy, FM Global 2006

@scguydan

… increasing complexity

Adapted from G. Linden, K.L. Kraemer, and J. Dedrick (2009), “Who Captures Value in a Global Innovation Network? The Case of Apple’s iPod”, Communications of the ACM, March 2009, Vol. 52, No. 3, pp. 140-144; World Economic Forum Global Risks 2015.

$80

$75

$85

$19 $27

$7 $5 $1

$40

Apple (Margin) Distribution and Retail Major Components

Other Inputs Japan (Margin) USA (Margin)

Taiwan (Margin) Korea (Margin)$80

$75

$85

$19 $27

$7 $5 $1

$40

@scguydan

Evolving supply chains to minimise

cost …

of companies had re-structured their distribution network in the last year.

of the cases the distribution re-structuring had involved relocating distribution centres to a lower cost country.

More Fewer

National DCs 49.5% 50.5%

Regional DCs 58.5% 41.5%

Global DCs 52.8% 47.2%

of respondents cited the main reasons for the distribution re-structuring were predominantly related to cost.

indicated that they were establishing more regional (multi-country) distribution hubs.

75% 20%

50%

58%

How has the structure of your distribution network changed?

European supply chains are evolving to become more product- and/or channel-specific enabling them to adapt to different customer and product service level requirements.

Transport Intelligence - Global Distribution Strategies Survey, 2008

@scguydan

… causing complexity and fragility

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

38%

74%

80%

87%

94%

95%

The relationships betweensupply chain entities havebecome less transparent

The number of entities in thesupply chain has increased

Products and services havebecome less standard

New product introductionshave been more frequent

Changes in the extendedsupply chain network occur

more frequently

Dependencies betweensupply chain entities* have

increased

Chart TitleEvolution of supply chain complexity over the past three years

*suppliers, partners, customers Strongly Agree / Agree

@scguydan

…with the cost efficiency chasers

losing

Difference in performance resilience measured by percentage of companies that suffered a 3% or higher impact on their performance indicators as a result of supply chain disruptions in the past twelve months

-6% -5%-6% -21% -8% -14% -26% -24% -32%-33%

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

46% 47%

36%

53%

71%64% 67%

73%80%

73%

13%

41%

31%

47% 50%56% 53%

47%

56%

41%

Market value Sales revenue Market-share Total supplychain cost

Supply chainasset

utilisation

Inventoryturns

Customerservice level

Total supplychain lead

time

Total supplychain lead

timevariability

Orderfulfilmentlead time

Mature (Level III—Level IV) cost efficient companies Mature (Level III—Level IV) flexible response companies

@scguydan

Risk visibility in sub-tiers is lacking

17%36%

79%90%

78%

31% 31%

Indirectsuppliers

Indirectsuppliers

Direct suppliers Internal plants& operations

Directcustomers

Indirectcustomers

Indirectcustomers

Tier-3 +supplier

Retailer

Endcustomer

Whole-saler

Whole-saler

Retailer

Retailer

Endcustomer

Endcustomer

Endcustomer

Tier-2supplier

Tier-1supplier

Tier-3 +supplier

Tier-3 +supplier

Tier-3 +supplier

Tier-2supplier

Tier-2supplier

Tier-1supplier

OEM

SCMWorld - Innovative Approaches to Supply Chain Risk, 2014

Risk visibility across the value chain

@scguydan

…making it the biggest challenge in

moving goods

Transport Intelligence - Supply Chain Risk & Visibility in the Movement of Goods, 2014

3.5%

3.9%

7.7%

8.2%

8.7%

11.0%

13.2%

13.9%

14.4%

15.5%

Meeting the demands of Omni-channel

Environmental programmes /CO2 reductions

Complexity of handlingmultimodal transportation

Schedule compliance

Speed

Competition

Delivering to schedule

Rising costs

Transport reliability

Supply chain visibility

Chart TitleThe key challenges faced in moving goods,% of respondents

Anatomy of a supply chain

disruption

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

What happens with a supply chain

disruption

Bu

sin

ess

Pe

rfo

rman

ce In

dic

ato

r

Time

Stable situation/Business-as-usual

Y Sheffi - The Resilient Enterprise - Overcoming Vulnerability for Competitive Advantage, 2005; B Asbjørnslett - Assessing the vulnerability of supply chains, 2008; David Simchi-Levi - A New Approach to Manage Supply Chain Risk, HBR, 2015

Disruptiveevent

Time offull impact

Firstresponse

Preparationfor recovery

Recovery

Initialimpact

New stablesituation /Business-as-usual

Time to Recovery (TTR)

PerformanceImpact

(PI)

@scguydan

… with the actual residual effectB

usi

ne

ss P

erf

orm

ance

Ind

icat

or

Time

Stable situation/Business-as-usual

Y Sheffi - The Resilient Enterprise - Overcoming Vulnerability for Competitive Advantage, 2005; B Asbjørnslett - Assessing the vulnerability of supply chains, 2008; David Simchi-Levi - A New Approach to Manage Supply Chain Risk, HBR, 2015

Disruptiveevent

Time offull impact

Firstresponse

Preparationfor recovery

Recovery

Initialimpact New stable

situation /Business-as-usual

Long-termimpact

Time to Recovery (TTR)

PerformanceImpact

(PI)

@scguydan

Having a significant impact on

business and financial performance

68%

72%

65%

64%

67%

66%

69%

40%

54%

35%

Order fulfilment lead time

Total supply chain lead timevariability

Total supply chain lead time

Customer service level

Inventory turns

Supply chain asset utilisation

Total supply chain cost

Market-share

Sales revenue

Market value

Chart Title

Percentage of companies that suffered a 3% or higher negative impact on their performance indicators as a result of supply chain disruptions in the past twelve months

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

@scguydan

Disruptions can happen anywhere in

the supply chain network“A collapse in one part of the network can have a magnifying effect on every part of the network. These interrelationships are either not well understood or are ignored by most companies.” - David Simchi-Levi, professor MIT

Tier 2+ Tier 1 CustomersDistribution Assembly

LTL

FTL

@scguydan

With sources of supply chain risks

far beyond the company

Macro environment risksHave potential effects across the entire supply chain

Exist among enabling functions that support supply chain processesFunctional risks

Human resources Information technology LegalFinance

EconomicEnvironmental/

Social responsibilityInfrastructure/

ResourcesGeopolitical Hazards SecurityRegulatory

Supply Demand

Tier N Tier 1 End usersDistributors3rd party services

Operational risks

DeliverDevelop Plan Source Make Return

Relate to internal process risks

Extended value chain risksOriginate in upstream and downstream supply chain partners

The risks to supply chains today are numerous and constantly evolving, and emanate both from within and outside of the company.

Deloitte - Supply Chain Resilience: A Risk Intelligent approach to managing global supply chains, 2012

From the risk observatory

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

Categorising sources of disruption

to define strategies

Business continuity

• Natural disasters

• Man-made disruptions

• Supplier redundancy & contingency

Security

• Cargo disruption

• Cargo theft

• Hijacking exposure

• Unmanifested cargo

• Information/cyber attacks

• Sea piracy

• Supply chain terrorism

• Anti-western terrorism

Brand protection

• Facility traceability (forced & child labour)

• Compliance to social & human rights

• Compliance to environmental, health & safety

• Counterfeiting

• Intellectual property violations

Geopolitical

• Political stability

• Economic & financial stability

• Corruption

• Crime & government effectiveness

• Employee screening practices

@scguydan

Major causes of supply chain

disruption

0% 10% 20% 30% 40% 50% 60% 70% 80% 90%

Energy scarcityLack of credit (cost, availability)

Currency exchange rate volatilityNew laws or regulations

Loss of talent/skills

Environmental incidentIntellectual Property violation

Product quality incidentHealth & Safety incident

Act of terrorismFire

Business ethics incidentData breachCyber attack

Transport network disruptionUnplanned IT/telecoms outage

Animal diseaseEarthquake/tsunami

Insolvency (in the supply chain)Human illness

Civil unrest/conflictIndustrial dispute

Outsourcer service failureAdverse weather

High Impact Some Impact Low Impact

Security risks

Business continuity risks

Brand protection risks

Geopolitical risks

Business continuity disruptors

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

Natural disasters have become more

pervasive …

EM-DAT: The CRED/OFDA International Disaster Database, 2016

0

100

200

300

400

500

600

19

00

19

07

19

14

19

21

19

28

19

35

19

42

19

49

19

56

19

63

19

70

19

77

19

84

19

91

19

98

20

05

20

12

TitleNatural disasters reported 1900-2015

@scguydan

…at a very high price

Munich Re, NatCatSERVICE, 2016

760

8 000

18 500

16 000

15 300

29 500

300

3 000

60 500

40 000

28 000

30 000

38 000

43 000

44 000

68 500

85 000

100 000

125 000

210 000

Japan - Earthquake (2004)

Chile - Earthquake, tsunami (2010)

Caribbean / USA - Hurricane Ike (2008)

Thailand - Floods, landslides (2011)

United States - Earthquake (1994)

Caribbean / N.A. - Hurricane Sandy (2012)

China - Earthquake (2008)

Japan - Earthquake (1995)

United States - Hurricane Katrina (2005)

Japan - Earthquake, tsunami (2011)

Losses in US$ million original values

Overall value Insured value

0

0

0

0

0

0

0

0

0

0

46

520

170

813

61

210

84 000

6 430

1 720

15 880

Fatalities

Fatalities Dummy

@scguydan

Old reliable have come under man-

made disruptions

Heavy manufacturing (steel, machinery, etc.)

25%

Electronics17%

Garment and Textiles

17%

Consumer Goods and Retail

11%

Food7%

Footwear6%

Automotive5%

Pharmaceutical2%

Other10%

Chart TitleStrikes by Industry in China, 2015

Labour unrest in China grows with factory strikes increasing by 58.3 percent in 2015, as factory owners struggled to pay workers due to a slumping economy, leading to protests and walk-offs.

BSI - Business Continuity Risk Index, 2016

@scguydan

And even increasingly popular

destinations are succumbing

34

121

147

108118

2011 2012 2013 2014 2015

StrikesGarment Sector Strikes in Cambodia, 2011-2015

Historically wages have been a major cause of strikes in Cambodia, but workers in recent strikes have also cited more specific grievances such as the cost of living, labour contracts, and working conditions.

BSI - Business Continuity Risk Index, 2016; Photo: Luc Forsyth

@scguydan

Explosive negligence … Tianjin port

@scguydan

Supply chain partner failure is the

major supply chain network problem

3%

5%

13%

10%

13%

13%

24%

19%

8%

12%

9%

13%

14%

14%

13%

19%

Downstream logisticspartners

Indirect customers

Upstream logistics partners

Company-owned supportfunctions

Direct customers

Tier 2 suppliers

Tier 1 (direct) suppliers orthird parties

Company-owned supply chainoperations

Chart Title

Ranked #1 Ranked #2

Locations in the supply chain of the most costly outcomes of risk events over last three years

38%

37%

27%

22%

17%

27%

23%

11%

Deloitte - The Ripple Effect - How manufacturing and retail executives view the growing challenge of supply chain risk, 2013

The most costly disruptions are caused by own supply chain, then failure at Tier 1 and Tier 2 suppliers. According to BCI respondents, 11.5% of disruptions are caused by suppliers at Tier 3 and lower. 3PLs are the third highest reason for failure.

Supply chain security disruptors

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

34%

35%

41%

44%

53%

68%

90%

Conveyances not inspected

Failure to screen businesspartners

Containers, trailers, pallets,etc. not secured/properlyinspected prior to loading

Lack of seal procedures

Inadequate transportationmonitoring

Security procedures notfollowed (lack of checks,balances, accountability)

Involved “trucks” as the mode of transportation for

breached cargo

Major factors contributing to cargo

breaches

C-TPAT Program Study June 2009

@scguydan

Global cargo theft risk levels

FreightWatch International

Risk level ofcargo theft

Highest level

Lowest level

@scguydan

Cargo theft in South Africa

Crime Stats SA - Crime Stats Simplified

Robbery: non-residential

Number of incidents

2014 2015

18 476 19 170

3.8%

@scguydan

Hijacking exposure in South Africa

Truckjacking

Number of incidents

2014 2015

989 1 279

29.3%

Crime Stats SA - Crime Stats Simplified

@scguydan

Omni-channel retailing has given the

consumer newfound power …

Forrester report: Welcome To The Era Of Agile Commerce, 2014

@scguydan

HomeChore automation

and security$200B−350B

…and the Internet of Things (IoT)

brings huge opportunity …

HumanHealth and

fitness$170B−1.6T

OfficesSecurity and

energy$70B−150B

FactoriesOperations and

equipment optimization$1.2T−3.7T

VehiclesAutonomous vehicles and

condition-based maintenance$210B−740B

OutsideLogistics and navigation

$560B−850B

CitiesPublic health

and transportation$930B−1.7T

WorksitesOperations optimization/

health and safety$160B−930B

Retail environmentsAutomated checkout

$410B−1.2T

Enable new business models

For example, remote monitoring enables anything-

as-a-service

Transform business processes

Predictive maintenance, better asset utilization, higher

productivity

Types of opportunities

9 settingsgave us a cross-sector view of

a total potential impact of$3.9 trillion–11.1 trillion

per year in 2025

McKinsey Global Institute (MGI): The internet of things: mapping the value beyond the hype, 2015

@scguydan

0.1%

0.7%

0.8%

3.9%

4.1%

15.3%

20.6%

25.1%

29.4%

Payment card skimmers

Point of sale intrusions

Cyber espionage

Denial of service attacks

Web app attacks

Physical theft and loss

Insider and privilege…

Crime ware

Miscellaneous errors

… but it also creates great peril

Almost all cyber attacks can beclassified by 9 patterns

Verizon 2015 Data Breach Investigations Report

@scguydan

Typical cyber attack incidents for

transport & logistics

24% 16% 16%Transportation

Cyber-espionage Insider and privilege misuse Web app attacks

WEB APP ATTACKSWhen attackers use stolen credentials or exploit vulnerabilities in web applications — such as content management systems (CMS) or e-commerce platforms.

INSIDER AND PRIVILEGE MISUSEThis is mainly by insider’s misuse, but outsiders (due to collusion) and partners (because they are granted privileges) show up as well. Potential culprits come from every level of the business, from the frontline to the boardroom.

CYBER-ESPIONAGEWhen state-affiliated actors breach an organization, often via targeted phishing attacks, and after intellectual property.

Verizon 2015 Data Breach Investigations Report

72%ON AVERAGE of the incidents in an industry can be described by just

three of the nine patterns.

@scguydan

Cyber attacks are physical

Verizon 2014 & 2015 Data Breach Investigations Report

of insider and privilege misuse attacks used the corporate LAN.

of theft / loss happened at work.

of miscellaneous errors involved printed documents.

49%

85%

55%

A significant amount of cyber attacks are actually through physical means and can be mitigated through physical security systems.

@scguydan

Look inside your company for cyber

attack origins

31%

29%

16%

13%

12%

22%

12%

13%

23%

7%

5%

24%

35%

30%

18%

15%

13%

24%

15%

16%

24%

7%

6%

18%

Unknown

Domestic intelligence service

Foreign nation-states

Competitors

Activists / activist organisations / hacktivist

Organised crime

Hackers

Suppliers / business partners

Former service providers / consultants / contractors

Current service providers / consultants / contractors

Former employees

Current employees

Likely sources of incidents

All industries in all regions Transportation & Logistics

PWC Global State of Information Security Survey 2015

@scguydan

…making screening and vetting

business critical

PWC Global State of Information Security Survey 2015

47%

48%

55%

54%

52%

57%

58%

69%

51%

54%

55%

56%

56%

59%

60%

73%

Accurate inventory of where personal data for employees andcustomers are collected, transmitted and stored

Employee Chief Information Security Officer in charge ofsecurity

Information security strategy that is aligned to the specificneeds of the business

Employee security awareness training programme

Secure access-control measures

Priviledged user access

Conduct personnel background checks

Require 3rd parties to comply with our privacy policies

Security safeguards in place

All industries in all regions Transportation & Logistics

@scguydan

Sea piracy is still rife

Based on info from IMO, IMB, ReCAAP

@scguydan

…you survive pirates and then this

Newsflare

@scguydan

Countries effected by terrorism

disruptions

Institute for Economics and Peace , 2015

The impactof terrorism

Highest impactof terrorism

Lowest impactof terrorism

Brand reputation disruptors

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

7%

10%

17%

19%

15%

32%

10%

11%

15%

17%

25%

22%

Social responsibility failure

Regulatory non-complianceand/or worker-safety failure

Product quality failure

Physical product flowdisruption

Sudden demand change

Margin erosion

Chart Title

Ranked#1 Ranked#2

Brand reputation is the most costly

outcome of disruption ….

34%

19%

15%

32%

36%

17%

25%

22%

Brand reputation damage

Physical product flowdisruption

Sudden demand change

Margin erosion

Chart Title

Ranked#1 Ranked#2

Most costly outcomes of risk events in the supply chain

Most costly outcomes of risk events in the supply chain

54%

40%

32%

17%

36%

21%

54%

40%

70%

36%

@scguydan

Wearing human rights is cheap

0.18 0.27 1.151.2 2.19

3.4

3.614.63

12.37

29

Selli

ng

pri

ce

Pay

to

gar

me

nt

wo

rker

Ove

rhea

d c

ost

Pro

fit

fact

ory

Ban

glad

esh

Inte

rmed

iary

Tran

spo

rt c

ost

Mat

eria

l co

st

Bra

nd

pro

fit

Val

ue

add

ed t

ax

Ret

ail*

Share in Euro:

Share in %: 42.616.00.6100 0.9 4.0 4.1 7.6 11.7 12.5

Share of value – T-shirt fromBangladesh sold in Germany

*Includes all costs at a retail level including staff, rent, store profit, etc.

WEF: Beyond Supply Chains, Empowering Responsible Value Chains, 2015

@scguydan

Bitter aftertaste of child labour in the

cocoa supply chain

• Small, family farms (>750 000)• Independent operation• Few cooperatives (<2% of crop)

• Privately-funded operators• Pisteurs, Traitants• Fewer quality linkages

• Various participants, including international companies

• Includes semi-finished goods

• Beans, small family farm products into global market

• Further manufacturing of products

• Retail outlets, restaurants, small businesses

• Final customer

Global Market

Manufacturers

Farmers

CollectorsTransporters

Processors

Exporters

Customers

Consumers

Other Beans

Cocoa Supply Chain - Côte d'Ivoire

Center for Reflection, Education and Action (CREA)

@scguydan

Counterfeiting - a global $600 billion

epidemicCzech Republic Turkey

NigeriaNigeria loses N200

billion annually to sales and circulation of

adulterated lubricants

Saudi Arabia50% of deaths in automobile accidents caused by counterfeit parts

Philippines

Korea

France Georgia

USA

Brazil

Paraguay

Counterfeiting costs US businesses between

$200 and $250 billion dollars annually

One of the main sources of counterfeit

agro-chemicals

Alcoholic drink counterfeiting widely reported in Paraguay

Sub-standard wines found in premium brand bottles

30 people died in 2012 from consuming counterfeit Rum

containing methanolPakistan

Authorities fighting counterfeit motor-oil supply

High volume producer of counterfeit bags and other fashion items

China

High volume producer of counterfeit branded clothing and leather goods

One of the main sources globally of counterfeit cosmetics

• 400 billion counterfeit cigarettes produced every year

• Counterfeit baby food found in original packaging

IndiaOne of the main contributors to global counterfeit medicines epidemic

Increasing problems with counterfeit soft drink production

HH Global - Brand Protection & Anti-Counterfeiting

Geopolitical disruptors

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

Countries effected by disruptions

due to political instability

World Bank, 2015

Level ofpolitical stability

Politicallymost stable

Politicallyleast stable

@scguydan

Disruptions in countries effected by

corruption

2014 Transparency International

Level ofcorruption

Highlycorrupt

Veryclean

@scguydan

Customs “integrity” of SA’s biggest

trade partners

Honest Joe’sHonest Crooks

AngelsDark Horses

DS&C Analysis, WEF ETI (2014)

ZimbabweAngola

Zambia

BotswanaMozambiqueNigeria NamibiaMadagascar

GhanaLebanon India

Thailand Mauritius Saudi ArabiaSouth AfricaChinaItaly

United States GermanyUnited Kingdom Japan

Netherlands

0

1

2

3

4

5

6

7

0 1 2 3 4 5 6 7

Effi

cien

cy a

nd

tra

nsp

aren

cy o

f b

ord

er

adm

inis

trat

ion

(1

= in

effi

cien

t, 7

= e

ffic

ien

t)

Irregular Payments (1 = common, 7 = never occurs)

@scguydan

Government (in)effectiveness that

can cause disruptions

Level ofgovernmenteffectiveness

Most effective

Least effective

World Bank, 2015

@scguydan

The war for talent continues …

15%

19%

14%

22%

37%

43%

2011 2013 2014

Chart Title

Easier More difficult

0%

5%

10%

15%

20%

25%

30%

2011 2012 2013 2014

Chart Title

Career progression Retaining

Developing Finding

Hiring Measuring

Knowledge worker challenges% of respondents saying ‘extremely challenging’

Knowledge worker challenges% of respondents saying ‘extremely challenging’

SCMWorld - The Chief Supply Chain Officer Report, 2014

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

Being able to bounce back

@scguydan

A systematic approach to supply

chain risk is required

Identify Quantify

MitigateRespond

What types of risk are we exposed to and where are they in our supply chain?

What financial impact could these risks have on our sales

and profitability?

How quickly can we recover from a disruptive event and

return to normal operations?

What strategies/tactics do we have in place to minimise the disruption to our business?

Supply ChainRisk

Effective supply chain risk management is not a static exercise or a linear process. It requires constant monitoring, ongoing assessment and the periodic re-evaluation of contingency plans, whether or not they have actually been implemented.

SCMWorld - Innovative Approaches to Supply Chain Risk, 2014

@scguydan

Identifying and assessing risk

19%

25%

38%

40%

42%

47%

48%

54%

58%

61%

72%

Social media monitoring

Business impact surveys

Real-time datamonitoring/analytics

Segmentation of suppliers /customer value propositions

Intuition or managementinsight

Third-partyresearch/intelligence

Scenario planning/businesssimulations

Risk mapping

Regular/open dialogue withcustomers

Analysis of historical data

Regular/open dialogue withsuppliers

Chart Title

SCMWorld - Innovative Approaches to Supply Chain Risk, 2014

Methods used to identify risk exposure% of respondents

@scguydan

Data driven … a stark contrast to the

normal intuition-based approach

The power of predictive analytics

Visual mapping and social media

Innovators in supply chain risk use these tools and techniques within an enterprise-wide “culture of data driven decision making” that informs and shapes their risk mitigation strategies. When you are dealing with complex networks that have evolved over time, intuition can be misleading and take you in completely the wrong direction.” - David Simchi-Levi professor MIT

SCMWorld - Innovative Approaches to Supply Chain Risk, 2014

@scguydan

Tools of the risk trade …

29%

32%

35%

36%

42%

42%

44%

45%

Business simulation

Worst-case scenariomodelling

Risk sensing data

Predictive modelling

Risk intelligence data

Supply chainmapping/visualization

Supply chain operationalmodelling

Financial risk modelling

Chart Title

Types of data/visualization/analytical tools used to manage risk within the supply chain

Deloitte - The Ripple Effect - How manufacturing and retail executives view the growing challenge of supply chain risk, 2013

@scguydan

Identifying and assessing risk -

illustration

Gartner - Case Study: Cisco Addresses Supply Chain Risk Management, 2010

How Cisco mapped the 2011 disaster in Japan

No impact-low risk profile

Significant impact reported-mitigate with higher prioritySome impact reported-monitor and/or mitigate

Capacity disabled or assumed highest risk-mitigate with highest priority

@scguydan

Available supply chain risk solutions

and services

ChainLink Research - Supply Chain Risk Solutions: A Market Overview, 2013

Supply chain& business continuity

consultants

Supplier audit and monitoring

services

Supplier quality management

Contract, SLA management

Supplier performance management

Hedgingtools and

instruments

Trading partner/ IT security/

identity management

Supplier data subscription

services

Cargo securitySustainability/ CSR platforms,

product analytics

Supply chain insurance

Eventmonitoring &

alertingservices

Anti-counterfeiting

solutions

Cold chain

Business continuity

management

Design collaboration/IP protection

Inventory optimisation,

demand management

Governance,risk management

& compliance

Supplier risk and compliance

Logistics, visibility, TMS

Traceability, chain of custody

Supply chain mapping and monitoring

@scguydan

Natural disastersGeopolitical risks

EpidemicsTerrorist attacks

Environmental risksVolatile fuel pricesRising labour costs

Currency fluctuationsCounterfeit parts and products

Port delaysMarket changes

Suppliers’ performanceForecasting accuracyExecution problems

Quantifying and prioritising risk

This may work reasonably well in the case of recurring operational risks – the “controllable” or “known-unknown” risks where historical data is available, but not for the “uncontrollable” or “unknown-unknown” risks.

Unknown-Unknown Uncontrollable

Known-Unknown

Controllable

Like

liho

od

of

occ

urr

ence

Business impactModerateMinor Major Critical

Possible

Likely

Highly likely

Unlikely

A typical risk evaluation matrix Sources of supply chain risk

SCMWorld - Innovative Approaches to Supply Chain Risk, 2014; David Simchi-Levi, et al. - Identifying Risks and Mitigating Disruptions in the Automotive Supply Chain (Ford case study)

@scguydan

The Risk Exposure Index as an

alternative

Bu

sin

ess

Pe

rfo

rman

ce In

dic

ato

r

Time

Stable situation/Business-as-usual

Y Sheffi - The Resilient Enterprise - Overcoming Vulnerability for Competitive Advantage, 2005; B Asbjørnslett - Assessing the vulnerability of supply chains, 2008; David Simchi-Levi - A New Approach to Manage Supply Chain Risk, HBR, 2015

Disruptiveevent

Time offull impact

Firstresponse

Preparationfor recovery

Recovery

Initialimpact

New stablesituation /Business-as-usual

Time to Recovery (TTR)

PerformanceImpact

(PI)

The Risk Exposure Index allows companies to understand the dependencies within their supply chains, estimate hard-dollar impacts and prioritise their risk mitigation efforts.

@scguydan

The Risk Exposure Index illustrated

Time-To-Recover (TTR): The time it takes to recover to full functionality after a disruptionPerformance Impact (PI): Impact of a disruption for the duration of TTR on a given performance measureRisk Exposure Index (REI): Normalizes the PI by the maximum PI over all disruption scenarios

Tier 2+ Tier 1 CustomersDistribution Assembly

TTR =2 WeeksPI = $400m

2 Weeks$300m 2 Weeks

$100m

2 Weeks$400m

2 Weeks$2.5bn

1 Week$100m

2 Weeks$1.5bn

LTL

FTL

1

Adapted from David Simchi-Levi, et al. - Identifying Risks and Mitigating Disruptions in the Automotive Supply Chain (Ford case study)

@scguydan

The Risk Exposure Index illustrated

Time-To-Recover (TTR): The time it takes to recover to full functionality after a disruptionPerformance Impact (PI): Impact of a disruption for the duration of TTR on a given performance measureRisk Exposure Index (REI): Normalizes the PI by the maximum PI over all disruption scenarios

Tier 2+ Tier 1 CustomersDistribution Assembly

TTR =2 WeeksPI = $400m

2 Weeks$300m 2 Weeks

$100m

2 Weeks$400m

2 Weeks$2.5bn

1 Week$100m

2 Weeks$1.5bn

LTL

FTL

2

Adapted from David Simchi-Levi, et al. - Identifying Risks and Mitigating Disruptions in the Automotive Supply Chain (Ford case study)

@scguydan

The Risk Exposure Index illustrated

Time-To-Recover (TTR): The time it takes to recover to full functionality after a disruptionPerformance Impact (PI): Impact of a disruption for the duration of TTR on a given performance measureRisk Exposure Index (REI): Normalizes the PI by the maximum PI over all disruption scenarios

Tier 2+ Tier 1 CustomersDistribution Assembly

TTR =2 WeeksPI = $400m

2 Weeks$300m 2 Weeks

$100m

2 Weeks$400m

2 Weeks$2.5bn

1 Week$100m

2 Weeks$1.5bn

LTL

FTL

3

Adapted from David Simchi-Levi, et al. - Identifying Risks and Mitigating Disruptions in the Automotive Supply Chain (Ford case study)

@scguydan

The Risk Exposure Index illustrated

Time-To-Recover (TTR): The time it takes to recover to full functionality after a disruptionPerformance Impact (PI): Impact of a disruption for the duration of TTR on a given performance measureRisk Exposure Index (REI): Normalizes the PI by the maximum PI over all disruption scenarios

Tier 2+ Tier 1 CustomersDistribution Assembly

TTR =2 WeeksREI = 0.16

2 Weeks0.12 2 Weeks

0.04

2 Weeks0.16

2 Weeks1.0

1 Week0.04

2 Weeks0.6

LTL

FTL

4

Adapted from David Simchi-Levi, et al. - Identifying Risks and Mitigating Disruptions in the Automotive Supply Chain (Ford case study)

@scguydan

41%

59%

Companiesthat do not

segmenttheir riskstrategy

Companiesthat segment

their riskstrategy

Mitigating risk and speeding

recovery

55%

70% 70%64%

73%

88% 90%80% 82% 80%

11%

32%

17%

46%52% 50% 46% 50%

59%

46%

Mature companies that do not segment their risk management strategy

Mature companies that segment their risk management

Mature companies that invest in risk segmentation are more resilient to disruptions than mature companies that don’t.

-18% -53%-38% -21% -38% -44% -30% -23% -34%-44%

Difference in performance resilience measured by percentage of companies that suffered a 3% or higher impact on their performance indicators as a result of supply chain disruptions in the past twelve months

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

@scguydan

Mitigating risk and speeding

recovery – segmentation illustration

• Partnerships• Risk-sharing contracts• Track performance• Share experience• Business continuity

plans

• Inventory• Long-term contracts

• Inventory• Dual sourcing/sites• Flexibility• Standard components• Track performance

Financial impact

Tota

l sp

end

High

HighLow

20% of suppliers80% of spend

Using supplier segmentation to drive mitigation actions

Mature companies that invest in risk segmentation are more resilient to disruptions than mature companies that don’t.

David Simchi-Levi

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

Bouncing back without missing

@scguydan

43%

55%

56%60%

70%

Concentrating the CSCO’s priorities

Cost Containment

Supply Chain Visibility

Globalization

Customer Intimacy

Risk Management

IBM - The Smarter Supply Chain of the Future - Insights from the Global Chief Supply Chain Officer Study 2010

@scguydan

27%

33%

41%

48%

54%

59%

59%

60%

72%

72%

78%

79%

82%

Other actions

Use postponement or delayed differentiation strategy

Use regional strategy only

Use component substitution strategy

Pursue near-shoring manufacturing strategy

Establish distribution centres in multiple regions

Increase inventory levels and safety stock

Apply forward buying/hedging strategy

Pursue demand collaboration with customers

Pursue (1st and 2nd tier) supplier collaboration

Use both regional and global strategy

Implement dual sourcing strategy

Create and implement a business continuity plan

Chart Title

Risk mitigation strategies

Actions companies take to mitigate supply chain risk

PwC and the MIT Forum for Supply Chain Innovation - Making the right risk decisions to strengthen operations performance, 2013

@scguydan

Risk mitigation strategies

9%

10%

12%

15%

15%

15%

18%

19%

19%

21%

23%

24%

Purchasing business interruption insurance

Increasing hedging against currency or commodity volatility

Participating in lobbying efforts to influence legislation

Developing the capability to more rapidly deploy pipeline…

Increasing the ability to protect the brand reputation and…

Creating a more flexible workforce

Enhancing the ability to intelligently collect and react to…

Enhancing the ability to dynamically change product flow

Building the ability to rapidly adapt the supply network

Building the ability to rapidly adapt the production or…

Developing business continuity and risk contingency plans

Building stronger extended value chain relationships

Chart TitleMost effective strategies for preventing and recovering from negative outcomes of supply chain risk events

Deloitte - The Ripple Effect - How manufacturing and retail executives view the growing challenge of supply chain risk, 2013

@scguydan

The main themes

• Proper developed supply chain strategy

considering various trade-offs

• Proactive vertical collaboration in the

extended value chain

• Network visibility and flexibility

• Business continuity planning

@scguydan

What happens when business

continuity planning is in place

Bu

sin

ess

Pe

rfo

rman

ce In

dic

ato

r

Time

Stable situation/Business-as-usual

Y Sheffi - The Resilient Enterprise - Overcoming Vulnerability for Competitive Advantage, 2005; B Asbjørnslett - Assessing the vulnerability of supply chains, 2008; Wipro Consulting Services -Supply Chain Vulnerability in Times of Disaster, 2012; David Simchi-Levi - A New Approach to Manage Supply Chain Risk, HBR, 2015

Disruptiveevent

New stablesituation /Business-as-usual

Time to Recovery (TTR)1

Effect of visibility systems

Time to Recovery (TTR)2

Effect of swift action as per BCP

Preparationfor recovery2

Recovery1

Recovery2

Initialimpact

Firstresponse

Preparationfor recovery1

@scguydan

Add some best practices

• Supply chain security efforts such as TAPA, C-TPAT, AEO and Maritime ISPS

• Business continuity management standards such as ISO 22301:2012, ISO/IEC 27001 information security management and ISO 28000 2007 supply chain security management standard

• Supply chain security intelligence resources, including trade and compliance intelligence, global supply chain security risk data and analysis

• Real-time trade interruption updates and reports on major disruption incidents

• Country-specific reports on supply chain terrorism, cargo disruption, business and political climate, population and culture, economy and trade, transportation infrastructure, general governance, export control governance, employer security practices, and customs-trade supply chain security programs

• Thorough vetting of your supply chain and participating firms’ supplier base

An agenda

@scguydan

#SAPICS2016

38th Annual Conference & Exhibition

@scguydan

The CSCO Agenda

• Never say never – it can happen to you

• Know your network – 3 to 4 tiers deep

• Flexibility trumps cost towards resilience

• It’s not a guessing game – its data driven based on intelligence of specific risks

• Supply chain visibility and supply chain risk walk hand in hand

• Learn from best practice and others

@scguydan

What are the three things you hope

to achieve?

“Demosthenes, the greatest of

Athenian orators, was asked

what the three tests of a great

speech were. “Action, action

and action‟ was his reply.”

James C. Humes

@scguydan

Danie Schoeman+27 82 940 6028danie@danieschoeman.comwww.danieschoeman.com

There’s more to talk about, so let’s

have coffee …

@scguydan

@scguydan

Disclaimer

This document has been prepared by Danie Schoeman andCompany to provide background information on the subjectsmentioned herein, the forecasts, opinions and expectations areentirely those of Danie Schoeman and Company. Thispresentation was prepared with the utmost due care andconsideration for accuracy and factual information; the forecasts,opinions and expectations are deemed to be fair andreasonable. However there can be no assurance that futureresults or events will be consistent with any such forecasts,opinions and expectations. Therefore the authors will not incurany liability for any loss arising from any use of this presentationor its contents or otherwise arising in connection herewith.Neither will the sources of information or any other relatedparties be held responsible for any form of action that is taken asa result of the proliferation of this document.