In today’s complex business environment, supplier management is a changing landscape. Digitalization, cyber risks, and geopolitical influences are some of the trends that affect the way companies work with their vendors. In this context, vendor onboarding is a critical step. It guarantees Source-To-Pay security and a smooth vendor relationship. A poorly handled onboarding can put the entire payment chain at risk of vendor fraud or mistakes.
Alexandra Lafaurie, VP Product at JAGGAER, and Miguel Vega, Global Product Manager at JAGGAER give their insights and best practices for successful vendor onboarding. JAGGAER and Trustpair are happy to share their latest white paper: Supplier Risk, The Modern Guide To Secure Vendor Onboarding. Download it right now!
- A very general to start with, could you present yourself, and present your expertise in terms of risk management, in your current and past positions?
Alexandra: Within Jagger, I’m in charge of product management of the upstream products. This includes category management, supplier management, sourcing, and contracts.
So it obviously includes the processes of supplier onboarding, but that’s only one piece of it. I’ve been a Jagger for 2 and a half years. Overall, I’ve been working in other SaaS companies, always in the procurement, sourcing, and supply chain space
So I’ve always helped organizations from the buyer side manage their suppliers. In the end, there isn’t one step of the Source-To-Pay that doesn’t include the supplier.
Before Saas, I was in charge of a sourcing office in a retail company in France. That was mostly negotiating: we were basically negotiating with suppliers. That first experience was the bridge to my current position.
What’s interesting is that when I started working in sourcing, tools were just starting to come on the market. We still had old habits in terms of negotiating and partnering with suppliers. But tools like Jaggaer have definitely changed all that and changed supplier relationships.
- A broader question about today’s business environment. What’s your analysis and insights about supplier risks today?
Alexandra: If I go back to my experience twentyish years ago, risk at the time was mainly about the quality of products. It was about the product breaking during shipment, once it was bought. After-sales service was a big focus then.
And then the other big risk was financial. Is the company managed well enough to respect its commitments in terms of product delivery? We were always negotiating payment terms, stock levels, and so on.
What I see today is that there are many more risks and that they are completely unpredictable. There are many more areas that we need to consider when we evaluate a supplier.
If we think about quality, we go much further than we used to. It’s about pulling out the product from the market. Product recall is very impacting – more than any quality issue we used to have.
There are also health concerns, financial risks of course, and political and environmental turbulences. Political risk is a real thing: all of a sudden your product is not going to be delivered and it’s not the supplier’s fault. There’s an increasing request in certifications – you basically need a certification for everything. And one phenomenon that’s also growing is the impact of social media. The reputation of suppliers on social media can impact a company.
There are external factors that didn’t exist before. The variety of risks that you have to consider when you do business with a supplier is much larger. The unpredictability is huge: anything can happen at any given time and there’s no saying you can prevent risks from happening.
For example, an employee at one of your supplier companies might post that video or that picture on social media because they’ve been kicked out of an airplane and all of a sudden it’s the reputation of the whole company that’s impacted. These things happen and you cannot necessarily prevent them all the time.
In light of all this, it’s really hard now for a buying organization to just have two people in a team or a centralized team to manage risk. It has to be done throughout the organization: everybody, in every team and business unit, has to think and breathe risk.
So yes, reducing supplier risk is daunting in today’s environment.
- You were talking about external risks. What about fraud risks? What we see at Trustpair is suppliers being defrauded unknowingly and passing on the fraud to buying organizations. What can you tell me about this type of event?
Alexandra: We see it increasing and sometimes we see it live in our tool. Cybersecurity is a number one concern right now. The attack can come from anywhere, in any form. Obviously, the small and medium-size companies are more at risk than the big ones. The big ones have usually set up enough security. It’s not always the case, but sometimes there are dedicated teams and processes.
But your suppliers are usually smaller or medium-size and they don’t necessarily have the tools or the resources to prevent these attacks. And you know the reflex is always “Nobody’s going to care about the type of product or service I’m delivering. I’m not strategic enough, I’m not in the defense industry, etc.” But that’s what makes it easy to hack them in the end. It’s easy to use their bank account and get funds: we have concrete examples all the time. These events keep on increasing.
Miguel: What we see now is that many companies require specific cybersecurity insurance when they start working with a new supplier. When they onboard new suppliers, they want to make sure these suppliers have insurance in place that can cover any kind of attack. They want to be sure that they have certain policies and standards to prevent cyber attacks. It’s a way to cover themselves in case of failure.
Alexandra: It really comes down to digital transformation in a way. Before, we paid in cash, now we pay with bank transfers and new payment methods. Information is the same: it used to be paper, now it’s digital. This definitely increases risks.
And there’s a hard balance to find: I mean, as a software company, our users are always asking for easier ways to use our product. They want to be able to approve things from their phone to single sign in everywhere. But in the end, that’s what makes it dangerous: linking everything together and having access to everything everywhere.
The security measures need to be strong enough and that’s what we often tell clients: “Be careful about easy access to everything”. Companies need to put in place some framework, some limits, and approval workflow. Multi-factor authentication for example: it might be considered a pain, but it’s the price you have to pay to keep all this information secure.
- Why are those risks evolving, and increasing? We’ve talked about digital transformation, but are there any other factors that could explain the fact that risk management and supplier risk management are now a whole different landscape than it was a decade ago?
Alexandra: We’ve talked about it already, but the first factor is digitalization. It allows remote access to a lot of information and opens the door to breaches, mistakes, and so on.
There’s also the geopolitical environment. All of a sudden if the supplier is in the wrong region at the wrong time with the wrong earthquake or conflict, you have a new risk that appears. Unfortunately, this type of risk isn’t predictable.
One other factor that increases supplier risks is the human aspect and higher turnover. People used to stay 20-30 years in the same company: so you could be certain that there was a team handling processes with expertise and with the right information. Now turnover is higher, people move on quickly, and each time you need to re-train and share all the processes all over again. The workforce is much more volatile, changes often and it’s hard to maintain the same kind of training overall.
The human factor is very important. Very often when there’s an issue, there is a technical issue somewhere, but there’s almost always a human error as well.
- Now could we go over the main types of supplier risks?
Alexandra: The financial risk is definitely on top.
Then there’s a theme around quality. When a product is not delivered with the right quality then you have a definite risk. A risk that is amplified by constant and direct access to the news: quality issues are known more quickly.
We already mentioned geopolitical risks, in which we can put of course all the different conflicts and wars which impact directly the supply chain.
Another area is obviously ESG-related: environmental, social, and governance risk.
On top of the cybersecurity risks we talked about earlier, there’s also what I call the “social media risk”. At any given time anybody that is involved in your company can create turmoil on social media and have an impact on your company. The same goes for your suppliers.
That’s kind of another type of risk where you have to go on social media and check what people say about your company, and remove certain comments if previous employees are saying things.
- Let’s move on to supplier onboarding. How important is supplier onboarding in the source-to-pay process? Why is it a stepping stone in this process and how can it help prevent these risks we’ve talking about?
Alexandra: Well it’s the front door, right? It’s the first step of your relationship with the supplier
In fact, this does depend on companies – different processes exist.
Some companies do the whole negotiation and then they validate a supplier and send him right away to onboarding before signing the actual contract. Steps are long and it can be tiresome to wait for the contract. Other companies do it differently. They onboard suppliers first, which gives them leverage for negotiations afterward.
There are so many steps to a supplier relationship nowadays: identifying a supplier, discovering this supplier, finding out if it’s financially stable, has more or less the product you want, the quantity and capacity you need, and so on. But overall, onboarding is about collecting answers to critical questions about the supplier.
It’s also a way of testing the interest of the supplier. When you start asking questions, you’ll see how responsive or not the supplier is and how interested he is, how well and quickly he’s going to communicate. So it’s also interesting for the overall quality of the relationship.
The onboarding is critical. If you do it well – and don’t burden them with too many requests – you’re really accelerating the relationship with suppliers and the way you’re going to do business with them.
That’s another point about onboarding: you have to verify a few things, but you cannot ask everything at the beginning. You’re going to make suppliers tired and complicate the relationship before it has even begun. You have to validate things from the beginning that are critical and you have to define which ones are critical and which ones can be filled in later on. The process can’t be too taxing.
Onboarding is very important because it’s a good way to level up the partnership and the relationship. It’s also a way to spot the red flags if there are any and to stop the relationship before it even started. The hard part is defining what your red flags are.
Many of our clients give us a list that’s way too long. Or the opposite: they think about critical information to ask too late. By then it’s too late and too complicated to add these requirements and questions in the workflows.
- So next question, which you kind of already talked about, what would be the key steps according to you for a successful supplier onboarding process? The milestones to make supply onboarding successful.
Alexandra: There are 5 points to be covered I think.
- Define the KPIs of your organization to do business successfully with that supplier.
For example, it could be: do I want to work only with suppliers that have more than 10 years in business and have a certain financial stability? Do I need them to pass the $100 million revenue mark? Do I want a small company that has not done any proofs on the market? These are basic questions to ask yourself. List these KPIs and you’ll know what success looks like when doing business with that supplier. - Restrict yourself from listing too many criteria to onboard a supplier. You can’t have 100 questions to ask: if so, the suppliers are going to run away. Ask a few general questions to get to know the supplier, verify a few things, and then ask questions about the operational relationship. Don’t go too far or you’ll scare them off.
- Order these questions by themes and types. This is for more efficiency. Remember you’ll have people reviewing suppliers internally and people on the supplier side reviewing them. So it’s better to have all questions sorted by themes. It will be easier for both parties to review them and fill them in. That way you can send one section to your financial team and send another one to your quality team and so on. Make it as simple as possible.
- Create approval workflows. Make these workflows simple, which is easier said than done. There’s often the need for many validation steps. This is where automation is the most useful. When you onboard suppliers, you onboard thousands of suppliers usually. Make it simple.£
- Explain the whole process to your suppliers. Explain what your criteria are and what your processes are. What I’ve seen is that nowadays we ask so much of suppliers to do business. They have to give this certificate, this insurance, and so on. It needs to be easy for the supplier to do business with you. It’s an important part of the relationship to explain the whole process and the risks involved. In the end, it’s about finding the right balance between asking too much and asking too little. Having processes in place but not to burden them with heavy processes and so on. What really matters is asking the right thing.It may be idealistic, but for me, the relationship between a supplier and a buyer is a partnership. The supplier also takes risks when doing business with you: getting paid on time, and so on. And they accept this level of risk, which is why you should make the onboarding as clear as possible.
- And what role does automation play in securing everything that we’ve just talked about? How is automation going to make supplier onboarding easier, maximize its impact, and make the supplier relationship smooth?
Alexandra: Automation is the ultimate help. Just because onboarding can be painful for both parties: you need to reduce all the repetitive tasks, with workflows, triggers, and so on. We have a client that has 190,000 suppliers for example. With these numbers, if you don’t have automation, you cannot do business.
We go even further than automation now, with artificial intelligence. We can validate documents automatically with AI. You can scan those documents, and see if there is a signature here, a date there.
You can generate alerts, and set them up on specific rules or on previous behavior as well. AI looks in your system and notices that when you do this, this usually happens afterward. It can suggest actions and adapt workflows.
All this helps on the buyer’s side but also the supplier’s side. You can guide them through the onboarding steps. Our product Advise (or Assist) is very useful for that: it can guide buyers and suppliers. Many areas in supplier onboarding and supplier management can be automated. Miguel, any example you’d like to add to illustrate all this?
Miguel: Well I’d say when you’re working with thousands of suppliers and you have to onboard and manage them, automation will release a little on the human side of things and will help avoid mistakes and such. You’ll save time and avoid human error.
- Well, thank you very much to both of you. That was very interesting and comprehensive. Is there anything you would like to add maybe?
Alexandra: I would say that risk management is hard today, much harder than it used to be. And let’s face it: you won’t be able to cover all risks on the supplier end. They’re too unpredictable.
But you need to be smart about supplier onboarding. You need to ask the right questions and remember it’s a two-way street. In a way, suppliers are also onboarding you! They’re trusting you to do business with them. I really encourage more collaboration in the supplier onboarding process than there usually is.
It’s not just just about verifying documents and so on, there’s a human aspect at some point.
You work with JAGGAER and are interested in implementing Trustpair to secure your vendor onboarding and payment chain? Contact an expert to learn more!