At this stage I’d advise supply chain managers: ‘If your risk guys haven’t started this conversation with you, the onus is on you to start the conversation with them. It can’t be put off.
CEO, Risk Management Institute of Australasia
Simon Levy, CEO of the Risk Management Institute of Australasia, talks about his education on IoT, and why IoT deployments – such as those offered by Thinxtra, the IoT Telco – will become ever-more important from a risk management perspective.
Simon Levy, recently promoted to CEO of the Risk Management Institute of Australasia, (he has been with RMIA for over five years) says that the Internet of Things (IoT) is becoming an essential part of the risk management conversation with respect to supply chains.
IoT asset tracking solutions, for shipments or industrial packaging products – such as containers, cages, IBC, kegs and so forth – can provide essential real-time information about their location and their condition, such as temperature, humidity, shock, fill levels and much more.
RMIA, which is the leading professional body for risk managers in the region, provides education, thought leadership and is, Simon says, a body to which all risk managers should belong: “If you’re a risk manager, you should become a member of the RMIA in much the same way that if you’re a certified practising accountant, you’ll be a member of a CPA,” he says.
Simon has been in the job for a little over half-a-year, and sees part of his new role as expanding RMIA’s vision – pushing for a seat at the table in broad policy discussion and highlighting the important trends and technologies that impinge on the risk management domain.
And it is in this connection that the importance of IoT has become front-of-mind for Simon as a means of guarding against the major risks to supply chain today.
He says that although IoT has been around for years – and some countries, like China, are way ahead in terms of its deployment compared to Australia – it hasn’t been enough a part of the conversation around risk management and supply chain.
“Working with and talking to Thinxtra really opened up IoT for me in terms of its risk management potential in a supply chain context,” Simon says. “What I’ve learnt from talking to Thinxtra – who are real leaders in IoT – and others is that as supply chains become faster and more interconnected, organisations require more real-time data and greater transparency for their supply chain. And that’s where IoT comes in, by providing the capacity to track assets, maintain visibility over the chain of custody, and so forth.”
Major risks facing supply chain today
Simon says that the major risks facing supply chain today arise from either physical processes – cyber risks in particular – or from the internal human side.
“From a pure supply chain perspective, there’s various risks that present themselves,” he says. “Most of them are operational, and if we conceptualise it relatively simply it’s about either supply, or processes, or demand. All of these were being shaken up anyway but have been brought dramatically forward by COVID-19 and the changes it has wrought.”
The risks involved with having suppliers too readily disrupted, or processes insufficiently adaptable to changing circumstances, or wildly fluctuating demands – these are all internal, Simon says.
On an external level, he says that there are also legislative and regulatory compliance requirements to keep on top of. “Some organisations are choosing proactively to voluntarily comply with industry best practice – because best practice today might be a compliance necessity tomorrow,” he says.
These supply chain specific risks are overlaid, Simon says, with all sorts of corporate risks that affect any organisation – supply chain or otherwise.
“All organisations face risks in terms of IT exposures, HR and people risks, financial risks – where the money is coming from, how leveraged they are, loan repayments, credit market situations – and much else besides,” he says. “In a sense these are separate to their supply chain exposures, but they obviously still have an impact on an organisation’s overall risk profile.”
Returning to supply chain, Simon says that the emerging risk perspective has been greatly altered by the COVIDand post-COVID situation. “What we’re seeing as a result of the pandemic are shorter and more localised supply chains,” he says. “We’re also seeing a rationalisation of suppliers – by which I mean insolvencies among some smaller suppliers, as well as consolidation. We’re also seeing continued cyber-attacks, constraints on air cargo, and the risks associated with moves towards multi-modal solutions. All of these are either here or emerging and are forcing organisations to rethink the manner in which they manage and operate.”
IoT and the appetite for risk
The benefits of IoT are obvious in relation to these risks, Simon says. More accurate real time information with the attendant capacity to be agile and adapt to an uncertain world – is clearly a plus.
“But in order to provide a balanced perspective, I think we must be aware that IoT does introduce its own operational risks – around trust as well as compliance concerns,” he says. “With more data, there are more links in the chain which may be disrupted, there are greater security and privacy risks, and then risks associated with who owns what in terms of intellectual property throughout the chain.
“Like every adaptation, there are upsides and downsides from a risk management perspective,” Simon says. “It’s about tradeoffs and making informed decisions about those trade-offs for your organisation. But it’s impossible to set aside the great benefits of IoT in terms of providing an integrated and standardised approach to supply chain data. With that data-transparency, you can more easily tell the story of your product, with proper data governance and traceability.”
A salient example of how IoT can add major value is in the food industry, with improved visibility over the ‘Farm to Fork’ chain. If there is a food mishandling issue – improper refrigeration leading to contaminated meat, for instance – then IoT can be a real safeguard. “Without a doubt IoT helps in this instance, where every link in the data chain is backed by governance and traceability,” he says. “That’s a very big benefit.
“A major takeaway for me and for RMIA is the necessity of risk managers and supply chain managers talking more, and forging a joined-up approach, such that supply chain managers are not inadvertently introducing new risks to the organisation,” Simon says. “At this stage I’d advise supply chain managers: ‘If your risk guys haven’t started this conversation with you, the onus is on you to start the conversation with them. It can’t be put off.”
Each organisation either is having or will have to have a new conversation around risk appetite – one that involves supply chain managers, he says.
“This is a conversation for the board of any organisation to set the parameters that the operation can work within,” Simon says. “For instance: ‘We’ll accept three data hacks per year as long as there’s no financial impact and we’re still able to maintain continuity of supply’, versus a hard-andfast approach that will not accept any hacks and will not pay any ransoms. Those are things that will come down from the board – and this should involve risk- and supplychain managers’ input – and will set the parameters within which supply chain managers operate.
Simon concludes by saying that businesses are moving in a direction of greater agility and thirst for information to make informed decisions. “These higher-level notions – tracking assets and maximising their utilisation for business efficiency – obviously flow down to a customer service level, and the staffing requirements that go along with them,” he says. “So, there are myriad touch points where IoT is of great service. Thinxtra – as leaders and educators in this area – have alerted me not only to the benefits but also to the risks. But – to be honest – these kinds of risks are nothing new that organisations aren’t already facing anyway. We don’t need to reinvent the wheel to respond to supply chain risk with IoT. We just need to adapt in a measured, cumulative, way and build up our riskresiliency accordingly.”
Working with RMIA to develop resilience and expand understanding is something Thinxtra’s Founder, Loic Barancourt, says is essential going forward.
“IoT solutions give supply chain managers the visibility they need to gain more control and get the right insights at the right time to make better decisions. Working with organisations like the RMIA is expanding the conversation from operational efficiency into a risk conversation, which adds a lot of value to the industry when it comes to building stronger resilience.”