In the past, “supply chain” insurance solutions tended to focus on Acts of God relating to the physical loss of tangible assets and the associated consequential loss of income. This timeworn approach overlooks the rise of intangible risks, or “Acts of Man,” and the holistic approach required to suitably provide for the intricacies of the supply chain. This article looks at the evolution of supply chain risk management, the new risks that are being identified and a fresh way of insuring such risks with a far more fitting structure.
What is supply chain management?
An enterprise relies on a network of partnerships to manage stocks, improve customer service and streamline logistics. The movement of goods through these networks forms the “supply chain” and, in today’s international environment, a delay in the operation of these networks can have a huge impact on an enterprise’s profitability.
Supply chain management includes continuity planning for the identification of, and preparation for, events that can cause delays. Indeed, it often identifies risks that were not considered a decade ago. This identification of existing and emerging risks has been catalyzed by a number of factors, in particular, the growing need to streamline the supply chain by using computer networks to process, transmit and store network information electronically. This not only provides the supply chain manager with an early warning system for risks that could cause delays, but, from an insurance perspective, also presents an opportunity aligned to the very essence of the industry’s value as a supplement to risk management in the preservation of cash flow. Trade disruption insurance (“TDI”) was created to address these risks. Rather than focusing on physical loss or damage to tangible assets, TDI is structured to indemnify the insured for the financial consequences of delay caused by insured events that occur along the intended delivery route. The insured’s ability to tailor insured events also means that the product can be developed to cater for the evolving range of risks now relevant to international supply chains today.
A growing awareness of Acts of Man as supply chain risks
In the United States, these risks are disclosed to shareholders and often appear in Securities and Exchange Commission (“SEC”) filings. As an example, H. J. Heinz Company reports that “damage or disruption to our manufacturing or distribution capabilities due to weather, natural disaster, fire, terrorism, pandemic, strikes, the financial and/or operational instability of key suppliers, distributors, warehousing and transportation providers, or brokers, or other reasons could impair our ability to manufacture or sell our products. To the extent the Company is unable to, or cannot financially mitigate the likelihood or potential impact of such events, or to effectively manage such events if they occur, particularly when a product is sourced from a single location, there could be a materially adverse effect on our business and results of operations, and additional resources could be required to restore our supply chain.” H. J. Heinz Company not only discloses natural disasters, known as ‘Acts of God’ (such as the 2011 floods in Thailand) as potential risks, but the inclusion of terrorism, strikes and operational instability of key suppliers shows that a dynamic range of human-originated threats, the so-called “Acts of Man,” are equally as relevant.
Acts of Man, from a political risk perspective, are those human risks that can affect the supply chain such as the refusal of a shipmaster to proceed into a dangerous area, a military blockade, border closures, sanctions, embargoes, confiscation or nationalization of privately owned suppliers or cargo, rioting, civil commotions, malicious damage, terrorism or war. These are risks that are becoming ever the more relevant. Recent examples of the identification of such political risks by supply chain managers include heightened concerns relating to piracy in the Gulf of Aden that could affect profits on petroleum shipments and the disorder caused by the Arab Spring that affected the availability of raw materials and secure storage capacity.
New technology means new risks
These political risks are now seen in a different context, as we see with the integration of computer networks to manage the supply chain. Whilst vital in facilitating corporate growth in increasingly global markets, they present a significant downside risk as a variety of existing and new audiences use the same technology and media developments to undermine and threaten the reputation and trading processes of businesses. Deere & Company report that “despite security measures and business continuity plans, the Company’s information technology networks and infrastructure may be vulnerable to damage, disruptions or shutdowns due to attacks by hackers or breaches due to employee error or malfeasance.” The failure to prevent a denial of service or malicious code attack on a computer system could have disastrous consequences for both management and the supply of goods within the supply chain. Those trading with Russia, Georgia or Azerbaijan will recall the issues created when the South Ossetia war saw a series of cyber-terrorism attacks disabling many organizations’ websites in 2008. Perhaps at the most catastrophic end of the scale, managers ought to consider how they would manage their supply chains without the use of computer networks at all. We witnessed this in the 2011 Egyptian crisis, when President Hosni Mubarak’s government temporarily shut down Link Egypt, Vodafone/Raya, Telecom Egypt, Etisalat Misr, the country’s four main internet service providers, leaving most of the country without any internet access.
These more “intangible” elements of the supply chain, once overlooked, are becoming real issues. In 2011, the Financial Times reported that “US companies spent about $29bn fending off raids from “non-practicing entities” also known as patent trolls, litigators who own bundles of patents with no intention of using them to build products.” These non-practicing entities can cause significant delays in the supply chain when they force a supplier to stop producing goods for reasons relating to intellectual property infringement. Risk managers are now looking at suppliers with specific dependency on certain patents or intellectual property, especially where they emanate from foreign countries that might not protect rights to the same extent as do the laws of, say, the United States.
Acts that threaten demand
Whilst ensuring the timely delivery of goods to market, the supply chain manager also needs to monitor demand for the goods themselves, and the management of Acts of Man that could affect product demand is equally important. Many corporate entities now focus on the relative appeal of their trademark product to the generic version. This intangible value is secured by rigid copyright protection coupled with the management of a consumer’s positive association with the trademark or brand. The company, Texas Instruments, for example, states that “as our business expands into new areas…infringing the intellectual property rights of others could expose us to claims for damages and/or injunction from third parties.” Actions taken to protect this intangible value may a) not be adequate to prevent the copying of product designs; and b) be insufficient to avoid brand damage. Indeed, if a brand is damaged through successful legal claims that challenge copyright or through some form of negative publicity, then the ensuing reduction in demand, especially when sudden, can cause significant problems in the supply chain. As an example, when a technology blog published a photo of an exploding Dell laptop in 2006, the single image spread worldwide across the internet, causing Dell to eventually recall over four million laptop batteries. Despite the alleged need to recall the faulty batteries, the negative perception associated with Dell at the time was probably sufficient to dissuade consumers from buying Dell generally. A similar outcome occurred when hackers gained access to details relating to Sony PS3 customers, which allegedly included names, birthdates, physical and e-mail addresses, passwords, login details, handles and online IDs as well as credit card information. Mostly due to the rise of social media, local incidents can be amplified very quickly into a global crisis for an enterprise, and empowered consumers now have a range of tools to voice their opinions, negative or otherwise, extensively to online communities. This increased threat to the reputation of corporate brands, and ultimately their consumer appeal, means companies need to carefully consider how they manage the potential fall-out from negative media or online coverage.
Analysis of a cross-section of SEC filings will reveal that each enterprise has a unique exposure to brand risk. For example, Yum! Brands Inc. identifies with potential food-borne illnesses, such as E. coli, hepatitis A, trichinosis or salmonella, and other exposures for food safety issues that have occurred in the past, and could occur in the future. They also combine this risk with a “report or publicity linking… to instances of food-borne illness or other food safety issues, including food tampering or contamination, [which] could adversely affect our…brands and reputations as well as our revenues and profits.” In contrast, enterprises dealing with network partners who, against contractually agreed corporate social responsibility guidelines, violate labor, or other laws, or implement labor or other business practices that are generally regarded as unethical in say, the United Kingdom, will be more concerned about a potential product boycott. This was experienced by Nestlé—the makers of Kit Kat—when Greenpeace alleged, in 2010, that they were using palm oil produced in areas where the orangutans’ rainforests once grew.
When attempting to export products into foreign markets or when seeking to retain market share overseas, especially in those countries which harbor politically dominant competitors and influential media companies, avoiding or minimizing brand-risk is even more important. It is imperative not to underestimate the influence that the negative perception of a brand can have on domestic consumers buying foreign products, or consumer ethnocentrism.
Insuring against emerging supply chain risks
Building successful supply chains requires a reliance on a network of partners that are critical to success and, whether assessing the factors that enable goods to get to market on time or the demand for the goods themselves, more attention needs to be given to emerging risks. Enterprise risk management within the supply chain gives the manager an early warning system for risks that could cause delays in delivery but does not stabilize profits when catastrophes occur. When sourcing insurance for supply chain exposures, it is important to discuss risk with an insurer that not only understands the intricacies involved but that also has the appetite for both the existing and emerging risks that today’s environment holds.
Kiln’s development of TDI into Enterprise Disruption Insurance (“EDI”) is one such solution. It blends the more conventional TDI coverage with the emerging risks discussed above. The underwriting process is, however, very similar to TDI and suits enterprises that have a good understanding of their supply chain logistics, and can quantify the income associated with such goods reaching their final destination. This includes discussion around the types of fortuitous events that could lead to a delay in delivery and hence, a loss of income (the events typically reflect the concerns of the enterprise and could transcend natural catastrophe risks such as earthquake and windstorm through to the Acts of Man we have discussed above: political risk, injunction, cyber etc.). The “exposure” to these risks is often revealed after due care and attention has been given to how critical the goods are in context, i.e. how the loss of a low value but nevertheless “key” component could have a significant impact on income, whereas other goods could easily be sourced or replaced elsewhere. If there is a delay, beyond a certain waiting period, then the policy will provide an indemnity for the ensuing loss of income and/or extra costs and expenses incurred to avoid such loss of income.
If “reputational harm insurance” is required, then the enterprise will need to identify those fortuitous events, or allegations thereof, that they would be particularly damaging if they attract media attention. The insurance will indemnify for lost sales volume if such negative publicity should subsequently arise, and, as a loss of income structure, will also indemnify for those extra costs and expenses incurred to avoid a larger loss of sales, such as costs associated with crisis management, public relations, legal representation and other expenses where agreed.
This solution, underwritten at Lloyd’s of London, is typically bought by companies who recognize what both their supply chain risk exposure and the value that purchasing contingent capital from an insurer, in context, represent. Cover is heavily manuscript for each client and is tailored to reflect the underlying risk as closely as possible on a standalone basis, rather than as part of a property insurance program. ■
Thomas Hoad is an underwriter with Kiln Enterprise Risk, a division of Kiln Combined Syndicate 510, specializing in new and bespoke insurance solutions, with emphasis on the field of intangible assets.