Commercial Risk: Supply Chain Risks in 2023

We once hoped that supply chain issues were a temporary blip of the COVID-19 pandemic. However, three years after these issues first emerged, it’s clear that disruptions to supply chain operations continue to persist well into 2023. So, where do we stand now with global supply chains? While supply chains have fortunately become a bit more stable, there is still a lot up in the air. Here’s why.  

 

1. Geopolitical conflicts and tension 
We’ve seen how geopolitical conflicts, such as political unrest and military actions, threaten the stability of supply chains. And even small, local events that don’t make the front page news can impact your supply chain. Conflicts can create disruptions in trade routes, damage critical infrastructure, restrict access to resources and markets, and result in increased tariffs. The impact for businesses? Delays, reduced product availability, and increased costs.

Examples: 

• The Russia-Ukraine war impacted global energy prices and the production of wheat and barley.  
• In 2023, tensions between the United States and China have dominated headlines, with trade relations between the two countries significantly affecting global trade.  
• And Brexit – 80% of UK businesses felt that Brexit was their biggest supply chain disruptor in 2022.  

 

Because of these geopolitical tensions, nations have become increasingly isolationist, which further fuels economic uncertainty and supply chain risks.

 

2. Extreme weather events 
Weather events can disrupt supply chains by damaging transportation routes and storage facilities, delaying shipments and reducing inventory, and interrupting production and distribution.  

Examples: 

• The droughts in China, which shut down factories in August 2022 and froze international supply chains for electronics, automobiles, and other goods.  
• The West Coast fires, which destroyed wine country and disrupted logistics for many companies, including Amazon.  

 

With climate change increasing the frequency and severity of weather events, this risk is likely to persist for the foreseeable future.

3. Economic decline 
In 2023, global economic decline will continue to loom over supply chains’ prospects. Economic uncertainty is a risk to supply chains, as it can decrease consumer demand, impede access to credit, and reduce the overall availability of resources. In addition, suppliers may experience financial difficulties due to inflationary pressures, impacting their ability to fulfill orders and making supply chains far more expensive for businesses and consumers. A difficult economy also dampens consumer demand, which makes it difficult for businesses to adequately forecast their supply chain needs.
 

 

4. Labor shortage woes 
Labor shortages continue to pose a significant risk to supply chains, especially in industries that rely heavily on manual labor, such as manufacturing, agriculture, and transportation. Because supply chains depend on people to keep products moving, a shortage of skilled and unskilled labor can cause production slowdowns or disruptions, delay shipments, and reduce efficiency. Additionally, as key industries raise wages to compete for talent, the cost is passed down from supplier to buyer, which increases input costs for companies. Challenges, such as shifting labor demographics and attitudes toward manual labor, have exacerbated labor shortages, and unfortunately these deep-seeded issues have no easy fix.

 

5. ESG scrutiny 
We’ve seen a renewed focus on environmental, social, and governance (ESG) initiatives and policies, with regulatory bodies and consumers taking greater interest in the ways goods and materials are sourced. For a while, companies have acknowledged that ESG-related missteps in supply chains can obliterate reputations, result in financial penalties, lawsuits, and, in worst cases, business closures. With increasing ethical awareness by consumers and more stringent regulations, the risks are higher. For example, in 2020 the online retail giant Boohoo was accused of modern slavery because of the working conditions in one of its suppliers’ factories and its share price tumbled by 18%, retailers dropped the brand, and it faced a possible U.S. import ban.

 

6. Cyber risk 
In 2023, we expect malicious actors to be even more sophisticated when it comes to exploiting supply chain vulnerabilities. Widespread digitization of supply chains globally means that many essential services, including transportation systems, power grids, supply networks, and more are increasingly vulnerable to cyberattacks. A successful cyberattack on any of these systems can have severe consequences on supply chain resiliency, and even lead to loss of life.  These vulnerabilities often arise through supplier networks, which may grant external parties access to target systems. We’ve already seen countless scenarios in which vulnerabilities in software providers’ products provide backdoor access to businesses’ critical systems and sensitive data. Additionally, basic warehouse tools, like barcode scanners and Internet of Things (IoT) devices implemented in manufacturing and operational sites may also be used as entry points for hackers. 

 

2023’s supply chain risks remain significant, which means organizations need to take proactive steps to protect their profits and operations. Creating, mapping, and monitoring long-term plans with built-in flexibility will give you the best chance for success. Explore your insurance coverage options with a trusted insurance advisor so that you have financial protection in place should your operations and profits be negatively impacted by supply chain disruptions. 

Risks in Your Supply Chain… Costly Liabilities

Supply chain interruptions and risks are an inevitable reality. However, to properly mitigate those risks, it’s important to conduct a third-party risk assessment. These assessments play a crucial role in managing third-party risks before they might become costly liabilities.  

 

What is a third-party risk assessment? 

A third-party risk assessment is a valuable tool you can use to identify, evaluate, and manage the potential risks associated with outsourcing critical business functions to external vendors or suppliers across various risk domains, ensuring the resilience of your overall operations. It can help you practice due diligence when managing vendor risks and continuously monitor vendor performance to effectively minimize vulnerabilities within your supply chain. 

Why is it important? 

At a glance, the risks of working with a vendor or supplier might not be immediately evident. Conducting third-party risk assessments is vital for your business, as it helps safeguard your organization against potential disruptions, financial losses, and reputational damage. By determining the risks associated with working with external vendors and suppliers, you can ensure that they meet your standards of quality, reliability, and compliance.  

Additionally, a robust risk assessment empowers you to identify and prioritize critical dependencies within your supply chain, allowing you to make informed decisions and implement necessary contingency plans.  

What are some examples of potential third parties? 

Companies engage with various third parties in the course of business, depending on their industry, size, and specific needs. Some common examples include: 

• Call centers 
• Marketing firms 
• Suppliers and manufacturers 
• Logistics providers 
• Technology vendors 
• Consultants  
• Contract labor  
• Temporary staffing agencies 
• Outsourced maintenance 
• Facilities management companies 
• Payment processors 
• Financial institutions 

  

What are types of third-party risks? 

Different service providers will create varying exposures for your business. For all third parties, consider these common areas of risk before entering a formal agreement that may compromise critical business operations: 

• Financial – Can the vendor demonstrate financial stability and creditworthiness? 
• Operational – Will the vendor be able to deliver goods or services reliably and efficiently? 
• Compliance – How does the third party ensure continued adherence to industry-specific regulations and quality standards? 
• Cybersecurity – How does the vendor identify and remediate potential vulnerabilities and respond to cyber risks? 
• Geopolitical – What risks does the third party’s geographical location, political climate, and regulatory environment pose?
• Reputational – Does the vendor engage in behaviors that might tarnish your organization’s reputation? 

 

10  Steps to Create A Risk Assessment Model:

Because your organization and its risk tolerance is unique, there is no one-size-fits-all approach to risk assessments. However, there are some guiding principles that you should consider. 

1. Identify all third parties – Compile a comprehensive list of vendors, suppliers, and service providers you engage with in your business operations.  
2. Establish a cross-functional team – Include representatives from various departments, such as procurement, legal, IT, and compliance, to obtain diverse expertise and insights. 
3. Categorize and prioritize relationships – Group third parties based on their risk profiles and the significance of their contributions to your business. Focus on assessing high-priority and high-risk relationships first. 
4. Determine risk factors – Identify the specific risks, such as financial, cyber, operational, and geopolitical, associated with each third party. 
5. Set clear expectations – Communicate explicitly with third parties about your risk management and compliance expectations. Consult with your legal expert about how you might be able include these expectations in contracts. 
6. Collect information – Gather relevant data from third parties, such as company profiles, financial statements, certifications, and other documents necessary for risk evaluation. 
7. Assess risks – Analyze the collected information to evaluate the risk factors identified earlier, and rate them based on impact and likelihood. 
8. Implement loss controls – Develop risk mitigation strategies to address the identified risks, such as enhanced contract terms, remediation plans, or contingency measures. 
9. Monitor and review – Continuously monitor vendor performance, compliance, and risk factors, and periodically reassess and update your risk assessment to ensure its accuracy and relevance. 
10. Report and communicate – Share your risk assessment findings internally and discuss concerns with the associated third parties, fostering collaboration and accountability for risk management. 

 

How does insurance fit in the picture? 

In the course of conducting a third-party risk assessment, you can ask specific questions to ensure your vendors have the right insurance coverage in place before entering a contract with them. Just as insurance can help you recoup financial losses from varying events, so too can it prove to be invaluable for your vendors and their business operations. You can also request proof of insurance as evidence of their insurance coverage. As always is the case when it comes to any formal agreement, be sure to consult with a trusted legal advisor, financial advisor, and insurance expert regarding your organization’s preferred coverage requirements. 

 

Managing supply chain risks 

As your business changes, managing supply chain risks might feel like playing a game of whack a mole. Vendors and suppliers may provide valuable goods and services to your business, but they also bring new layers of risk that you shouldn’t ignore. A key step for an effective supplier risk management plan is regularly administering a third-party risk assessment.  

As you seek to strengthen your approach to third-party risk, be sure to consult with an experienced BRP insurance advisor that can provide recommendations and resources about steps you can take to identify and contain potential financial losses and business interruptions stemming from supply chain issues, and insights regarding insurance coverage for your unique situation. 

Guide to Managing & Mitigating Risk 

A reliable, optimized supply chain is the foundation for continued success. When a supply chain experiences unforeseen delays, these disruptions can cause ripple effects that intensify and worsen up the chain, leading to end-product delays or absences in crucial markets. Such disruptions can trigger unanticipated financial and reputational consequences for numerous supply chain members. 

With the increasing complexity of supply chains, it is becoming more and more necessary for businesses to purchase insurance coverage to protect themselves from potential losses and disruptions. Fortunately, there are various types of insurance available to business owners for supply chain risk.  

 

INSURANCE OPTIONS TO EXPLORE WTIH YOUR INSURANCE ADVISOR: 

• Business Interruption (BI) Insurance
  This type of insurance provides protection for the business if they are unable to operate due to a covered event, such as a natural disaster or power outage. It’s important to note that many BI policies will only cover a claim if there is physical damage from an event like a natural disaster. However, if a strike causes a shipping delay, this event likely won’t be covered by a BI policy, as it probably will not cause physical damage to the business.
    

• Contingent Business Interruption (CBI) Insurance
  This coverage can be particularly important for businesses that have a heavy reliance on one or two key suppliers or partners. If your direct suppliers experience physical loss, damage, or destruction to their property and this impacts your business operations, you could make a claim to cover the resulting losses. Much like with a BI policy, this coverage usually only covers physical damage. Many carriers only cover “direct” suppliers, and not second or third-tier suppliers.
   

• Non-Damage Business Interruption (NDBI) Insurance
  NDBI is a type of insurance that provides coverage for financial losses incurred by a business due to an interruption in its operations that is not caused by direct physical damage to the property.
  These events may include labor strikes, production issues, closure of transportation infrastructure, regulatory action, and political or civil unrest. In instances of named exclusions, there may be specialized coverages that can fill in the gaps.
   

• Product Recall Insurance
  If your business produces and distributes products, you face the risk of a recall due to safety concerns or defects. This can result in significant financial losses due to the reverse logistics costs stemming from collecting and disposing of unsafe products, as well as extended downtime, lost sales, and reputational damage. Product recall insurance can provide financial protection against these types of losses, reimbursing your company for the costs associated with the recall.
   

• Stock Throughput (STP) Insurance
  STP insurance is a coverage that addresses not only the transportation, but also the storage and handling of goods throughout the entire supply chain. It combines the protection of goods in transit (also available as a standalone coverage with cargo insurance) with coverage for goods while they are stored at warehouses, manufacturing facilities, or other storage locations. STP policies cover goods from the point of origin until they reach the end customer, including all intermediate storage and transportation stages.
   

• Trade Disruption Insurance (TDI)
  TDI is tailored to protect businesses from cross-border losses resulting from delays or non-arrival of goods due to events, such as political risks, labor disputes, natural disasters, or other events that disrupt international trade. This type of insurance is a specialized named-peril form of insurance that can help address gaps in BI insurance. TDI can provide coverage for businesses in the event of disruptions to their trade and supply chain operations that result in cross-border losses.
   

• Political Risk Insurance
  Businesses that operate internationally may face political risks, including changes in foreign government policies, expropriation, confiscation, political violence, and currency inconvertibility. This type of insurance is designed to provide financial protection for businesses operating overseas against these types of risks and can be customized based on specific needs. While the types of coverage mentioned before can address some of the most common types of supply chain risk, some businesses may also face greater challenges related to geopolitical risk and civil unrest due to the nature of their operations.
   

• Terrorism Insurance
  Terrorism insurance can provide coverage against losses resulting from acts of terrorism, including the disruption of supply chains. While this type of coverage is sometimes included in other policies, such as property or BI insurance, it may be necessary to purchase standalone terrorism coverage to ensure adequate protection. With terrorism insurance, businesses can receive coverage for losses resulting from physical damage, business interruption, and other related costs.
   

• Cyber Insurance
  Cyber threats pose a significant threat to supply chains. The technology that makes supply chains faster and more efficient also poses a threat to their cybersecurity, with attacks to software within the supply chain becoming more commonplace over the years. A software supply chain attack occurs when an attacker targets trusted third-party vendors with access to systems and data who offer vital services or software to the supply chain. Cyber insurance can provide coverage for losses resulting from cyberattacks, data breaches, and other digital threats that could disrupt the supply chain, though insureds need to be aware of exclusionary language and sublimits for these cyber supply chain events. 

 

With any insurance policy, the details matter – be sure you review common exclusionary and restrictive language regarding your coverage, as well as specific terms of coverage with your insurance advisor to avoid being on the wrong side of insurance should a claim arise.  

 

IMPORTANT TOPICS TO DISCUSS WITH YOUR INSURANCE ADVISOR 

Exclusions 
Some policies may have specific exclusions regarding the types of events that are covered, such as war, terrorism, cyberattacks, or pandemics.

Named suppliers/customers only  
Some coverages may only apply to named suppliers and customers in the policy, leaving companies exposed if an interruption occurs with an unnamed critical supplier or customer.

Coverage scope 
One policy may not cover every aspect of your business operations or may have specific exclusions that impact your company, which is why you should explore your coverage options so that one policy picks up where another drops off.

Waiting period  
Many policies have a waiting period before the coverage kicks in, which could leave you responsible should you experience a loss during this time.

Duration of coverage 
Certain policies may have a time limit on the duration of coverage, and extended periods of disruption might not be fully covered.

Insufficient policy limits 
If you underestimate the potential losses from supply chain disruption and set policy limits too low, you may end up underinsured.

Geographic limitations 
Carriers might place geographic restrictions that limit coverage to disruptions occurring in specific regions or countries. This can leave companies exposed to disruptions in excluded locations.

Proof of loss 
You might face challenges in proving the extent of financial losses and the direct link to the third-party disruption, particularly in complex supply chains. 

 

Mitigating supply chain risk 

Insurance can play a critical role in mitigating supply chain risks, but you’ll need to be sure to address common coverage gaps, by reviewing your policies carefully, discussing your unique risks with your insurance advisor, and considering additional or complementary insurance coverage, if necessary. Though insurance can provide critical financial protection should you experience a supply chain event, it should not be seen as your first line of defense. You can also help limit your organization’s exposure to supply chain risk by taking the following actions: 

• Assess your supply chain and identify risks and weaknesses. 

• Identify back-up vendors and suppliers. 

• Revisit procurement contracts with your legal team to potentially reduce your contractual liability. 

• Balance supply chain logistics, namely just in time delivery, with risk management. 

• Create contingency plans and include supply chain disruption in your business continuity plan. 

 

By taking these steps, business owners can make informed decisions about mitigating their supply chain risk. Our team of commercial risk experts are available to be a valuable resource to help your business identify and contain its risks and secure proper insurance coverage.