Reviewing regulatory expectations and driving resilience of supply chains

Rosalyn Aryee, Head of Outsourcing & TPRM and Operational Resilience, Santander Corporate & Investment Banking

Below is an insight into what can be expected from Rosalyn’s session at Vendor & Third Party Risk Europe 2023.

The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.

How can we use scenario testing to reflect emerging risks within supply chain resilience?

The interconnectedness and complexity of most supply chains increases the likelihood of risks and vulnerabilities. As a result, effective supply chain management is generally accepted as a fundamental aspect of a firms’ risk management framework.  Similarly, for overall resilience firms depend on both their internal resilience and the resilience of their supply chains. Consequently, to achieve resilience, firms need to proactively identify and assess potential vulnerabilities, manage risk, and maintain continuous oversight of the end-to-end delivery of their critical services provisions, including services outsourced to suppliers.

Supply chain resilience is the adaptive capability of a firm to prepare for unexpected events, respond, and recover from disruptions within their supply chain, while maintaining continuity of critical service provisions. Scenario testing allows firms to simulate disruptions or threats to their operations and identify weaknesses and implement appropriate mitigation.

Through simulations, firms can safely assess their supply chain network resilience, identify potential risks, points of failure, and define mitigation strategies to manage associated vulnerabilities. The outcomes of scenario testing can help firms implement appropriate mitigation strategies and controls to achieve agility within their supply chains and ultimately safeguard the resilience of their critical services.

Can you share some insight into the regulatory approach of operational resilience, and how this impacts supply chains?

Operational resilience is the ability to continue providing products or services to clients during adverse events or significant disruptions. Over the past few years, several firms have experienced significant disruptions due to events in their supply chain ecosystem which has created a ripple effect throughout the entire network.

As a result, there is now a paradigm shift in the traditional approach towards organizational resilience, to include ensuring the resilience of its critical supply chains dependencies. Emerging regulations on Operational Resilience now include a requirement for organizations to have end-to-end visibility of the delivery of critical processes including their supply chains.

To embed and deliver Operational Resilience outcomes, organizations must incorporate the on-going management of the resilience of their critical supply chain dependencies. An effective operational resilience framework must, in addition to focusing on internal operations, also enable:

  • Visibility of the end-to-end supply chain dependencies
  • Identification, analysis, and mitigation of associated potential risks and vulnerabilities in their supply chains that could impact on the continued delivery of their critical services
  • Ongoing monitoring and assessment of changes to the supply chain
  • Diversification and establishment of appropriate strategies / contingencies to accommodate extreme supply-chain disruptions
How can geopolitical repercussions affect the supply chains and relevant regulations?

Most organizations today, are interconnected and have a huge reliance on global outsourced chains for the delivery of goods and services in a bid to drive effectiveness and efficiencies. As a result, the impacts of geopolitical crises in one region can pose multiple challenges to firms across the globe. These impacts ranging from significant disruptions to critical supply chain operations, limited availability to increased production costs. Natural geopolitical impacts from risks such as climate risks can lead to catastrophic effects on the supply chain should a link in the chain be broken. Regulatory sanctions and other punitive responses to geopolitical conflict crisis can disrupt critical supply chain distribution sources and routes and leave firms searching for alternate routes.

To offset these disruptions and mitigate the impact on global operations, organizations should continuously monitor, assess, and manage exposure to geopolitical events through diversification and building contingencies in their supply chain. As organizations review their critical supply chain arrangements, they should also consider alternatives such as securing redundant suppliers for key inputs and reshoring and other de-risking methods. In addition, some organizations are beginning to consolidate and localize their supply chains to regional hubs to reduce exposure to global networks and mitigate against geopolitical tensions.

Furthermore, recent years has seen an increasing convergence in global regulations on outsourcing such as the PRA SS 2/21 – Outsourcing and TPRM, EBA Outsourcing Guidelines, HKMA’s Outsourcing requirements, MAS’ Guidelines on Outsourcing. This convergence is aimed at ensuring the resilience and continuity of Supply chains across Germany and the EU, Hong Kong, Singapore, Switzerland, the UK, and the US.