152 • Supply Chain Risk Management: An Emerging Discipline
Sano, France’s largest pharmaceutical company, was accused of
paying bribes totaling 1.69 million yuan to 503 doctors at 79 hospi-
tals in Beijing, Shanghai, and Hangzhou.
Novartis was placed under investigation for possible bribery and
fraud in the provision of medical drugs and services. A Novartis
employee claimed her manager instructed her to use 50,000 yuan
(US$8,000) to boost sales of its drugs.
e standard response to these cases is one of initial shock and then full
cooperation with the investigating authorities of the country where the
risk event occurred. Over the years, insurance and other risk management
organizations have been monitoring these events and others. And with so
many observations, we’ve developed a Four- Stage Model of how most risk
events play out, regardless of the event cause or country of origin, which
Figure8.1 illustrates.
As seen in this gure, the rst stage of a risk event tends to be denial.
Normally it means a belief the event is not that damaging and a company
will be back in business in a few days. In 2013, the U.S. attorney general
announced nes levied against Johnson & Johnson for false marketing of
three drugs, Risperdal, Invega, and the heart failure drug Natrecor. e
attorney general stated the company marketed the drugs for unapproved
use and paid “kickbacks” to doctors and nursing homes. e company’s
response was typical in terms of damage control and our Four- Stage
Model—J&J continued to stand by Risperdal as safe and eective for its
approved use.
Severity
Blame
Resolution
Event
Denial
“It’s not that
bad! We”ll be back in
business in a
few days!”
Well, it’s
actually worse than
we thought!
How did that
happen? And the
inevitable… Who is
responsible?
During that time a
solution is being worked
on. Is a lesson learned?
FIGURE 8.1
e four stages of a fraud, corruption, or supply chain disaster.
Supply Chain Fraud, Corruption, Counterfeiting, and e 153
e second of the four stages, severity, talks about the real scope and
scale and normally includes realization that the event is actually worse
than rst thought. e third stage, blame, is the stark reality that the event
is a total mess and follows this line, “We can’t understand how this hap-
pened and are working diligently to solve the problem.” All the while,
executives are asking questions such as, “How did this happen and whos
responsible?” Finally, the fourth stage, resolution, should be a teaching
moment in terms of supply chain risk management.
What weve witnessed, along with other research organizations, aca-
demia, and consulting rms, is that supply chain risk management and to
some extent general risk management is still an ad hoc activity. And when
the event has been resolved and the company is still in business, those who
handled the event go back to their normal job responsibilities. Most com-
pany executives assume that their direct reports are prepared to handle
risk events. is assumption, however, is awed. If you fail to prepare and
train for risk events, do not be surprised that the probability of a good
outcome from a risk event is suspect.
RULES AND REGULATIONS
We would like to present the growing array of rules and regulations
already in place and in the works that attempt to diminish, but not neces-
sarily eliminate, illicit and fraudulent activity. Whatever your opinion is
regarding rules and regulations, the demand to be in compliance is at its
highest level ever and probably will not subside for the foreseeable future.
Table8.3 presents a sample of some of the newest and farthest- reaching
rules and regulations impacting global supply chains. As you can see,
there is no shortage of rules and regulations.
We’ve identied a few new rules, regulations, and organizations to drill
down a bit deeper in an eort to provide additional perspective.
Consumer Financial Protection Bureau (CFPB)
e CFPB is a relatively new organization in the U.S. government enacted
to ensure that products are not mislabeled or maliciously marketed to U.S.
consumers and to protect consumers from fraud and price gouging.
154 • Supply Chain Risk Management: An Emerging Discipline
Customs Trade Partnership against Terrorism (C- TPAT)
is program is the U.S. Customs and Border Protections (CBP’s) pre-
mier trade security program. e purpose of C- TPAT is to partner with
the trade community for the purpose of ensuring the U.S. and interna-
tional supply chains are not subject to intrusion by terrorist organi zations.
C- TPAT requires the trade company participants to document and vali-
date their supply chain security procedures in relation to existing CBP
criteria or guidelines. CBP requires that C- TPAT companies develop an
internal validation process to ensure the existence of security measures
documented in their Supply Chain Security Prole and in any supple-
mental information provided to CBP. e purpose of the validation is to
ensure that the C- TPAT participant’s international supply chain security
measures contained in the C- TPAT participant’s security prole have
TABLE8.3
Rules and Regulations
Regulation/Law/
Organization Denition
AEO Authorized Equipment Operator
AES Automated Export System
BIS Bureau of Industry & Security
CBP Customs & Border Protection
CFPB Consumer Financial Protection Bureau
CSI Container Security Initiative
C-TPAT Customs Trade Partnership against Terrorism
Dodd-Frank Wall St Reform &
Consumer Protection Act
Financial reform and conict minerals impacts
EEI Electronic Export Information
ETS European Union Emissions Trading Scheme
FCPA Foreign Corrupt Practices Act
FSMA Food Safety Modernization Act
GSP Generalized System of Preference
ISF Import Security Filing
PIP Partners in Protection
REACH Registration, Evaluation, Authorization &
Restriction of Chemical
RoHS Restriction of Hazardous Substances Directive
Sarbanes-Oxley Financial Reporting Transparency Act
WEEE Waste Electrical & Electronic Equipment Directive
Supply Chain Fraud, Corruption, Counterfeiting, and e 155
been implemented and are being followed in accordance with established
C- TPAT criteria and guidelines.
Dodd- Frank Wall Street Reform and Consumer Protection Act
e Dodd- Frank legislation was a direct result of the 2008–2009 nan-
cial meltdown. is act also includes subjecting banks to stress testing to
evaluate their nancial resiliency. It is a far- reaching and somewhat con-
troversial law. e legislation also includes Conict Minerals Act, which
took eect in 2014.
In 2012 the SEC approved a nal rule requiring companies to disclose
their use of conict minerals (tantalum, tin, tungsten, and gold) and
whether those minerals originated in the Democratic Republic of Congo
or adjoining countries.
7
ese regulations will require companies to trace
various materials to their source to ensure they did not originate in con-
ict regions. e compliance disclosure is required by the U.S. govern-
ment. Companies are required to disclose that they veried the suppliers’
address, audited those suppliers, and required those suppliers to certify
that the materials incorporated into the manufacturers products comply
with the laws. Customers will be asking manufacturers to certify their
products through the global supply chain. We wish them luck.
Foreign Corrupt Practices Act
Under the Foreign Corrupt Practices Act (FCPA) it is unlawful for a U.S.
rm, as well as any ocer, director, employee, or agent of the company,
to oer, pay, or promise to pay money or oer anything of value to any
foreign ocial for the purpose of obtaining or retaining business. It is also
unlawful to make payments to any person while knowing that all or a por-
tion of the payment will be oered, given, or promised directly or indirectly
to any foreign ocial for the purpose of assisting the rm in obtaining
or retaining business. Firms are subject to nes of up to $2 million, while
ocers, directors, employees, agents, and stockholders are subject to nes
up to $100,000. Under federal criminal laws other than FCPA, individuals
can be ned up to $250,000 or up to twice the amount of the gross gain
or loss of a transaction. And nally, a person or rm found in violation of
FCPA may be barred from doing business with the federal government.
156 • Supply Chain Risk Management: An Emerging Discipline
TOOLS, BEST- IN- CLASS PRACTICES,
AND COUNTERMEASURES
Our focus in this section is to provide some insights on emerging tools that
are providing capabilities to manage critical aspects of supply chain risk.
is section explains the four quadrants presented in Figures8.2 and 8.3.
Fraud, Corruption, and Theft Tools
e le portion of Figure8.2 relates to a solution called Decision Point
from Navigant. is tool is Navigant’s antibribery onboarding portal. It
is designed for the investigation of distribution and supply chain third
parties. e tool addresses the challenges inherent in utilizing interme-
diaries and suppliers, such as onboarding, regulatory compliance and
education, information gathering, approvals, and investigative processes
as they relate to antibribery and other compliance regulations. e tool
facilitates the third- party onboarding process, assesses and risk scores
third party corruption risk, and enables due diligence investigations
when appropriate in an eort to support the U.S. FCPA, Foreign Corrupt
Practices Act.
e right portion of Figure 8.2 provides a workow of a supplier
onboarding process, which Navigant and other antibribery and cor-
ruption tools maintain for clients. As you can see, the tactical tasks are
interwoven into a company’s overall supplier management process. ese
tasks inside Navigant’s Decision Point and other tools are co- managed
processes rather than fully outsourced. For example, supplier onboard-
ing may be initiated and managed by a commodity manager or buyer in
the procurement group, who then sends the invitation, interacts with the
supplier, and monitors progress. ese tasks could then trigger key tasks
at each step done by a third party, such as launching a survey, requesting
certicates, validating responses, and more.
Moving to the le side of Figure8.3 we prole another emerging solution
tool from IHS that captures signicant data for manufacturers across the
globe in terms of where a supplier is located, its market share, inventory
metrics, nancial disposition, and nancial risk. Looking at IHS’s tool kit,
you might consider it a supply chain “temperature check.
e right side of Figure8.3 highlights a new solution set from Verisk
Crime Analytics, in conjunction with C. H. Robinson, which monitors
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.15.226.239