Learning How Much We Don’t Know Is the First Step to Appreciating Supply-Chain Risk Management

This article was written by ISCPO Board Member Maurizio P. Scrofani, CCSP, LPC, and was originally published at LPM.

Also read at LPM: Into the Rabbit Hole of Supply-Chain Risk

The supply-chain web is spun so intricately that it’s impossible to know it, truly. Perhaps the most we can aim for is to gain knowledge about one link, then another, and gradually appreciate more fully how pieces fit together. Maybe it’s not realistic—when it comes to today’s supply chain—to have a goal of becoming an “expert.” Instead, dedicate oneself to being a lifetime student of supply chain’s infinite complexities.

The aim of supply-chain risk management (SCRM) is fairly straightforward. It’s how we help to identify risk and manage supply-chain security adequately. But learning about supply-chain risks is a bit of a rabbit hole. Even something seemingly basic can be muddy, such as where supply chain starts. (With a product’s manufacture? When plans are drawn? At ideation?) What’s certain is that risks are inherent at every step along a product’s path to a store’s shelf. And, perhaps, back again as purchase does not always mark an end to a product’s path through the supply chain.

In the case of a return, the product may hit the road again, from store back to vendor, and undergo additional steps. In the case of, say, an oil-filled radiator, a vendor may face a series of environmental regulatory steps before parts and pieces are sent back to the manufacturer or a scrap company.

The number of players, the differences in technologies, the amount of information, and the sheer volume of interactions between these and other layers of today’s global supply chain make it extremely difficult to identify risks, let alone mitigate them.

Supply-chain management encompasses the coordination of the many activities related to sourcing, procurement, conversion, and logistics. It involves planning and processing orders; handling, transporting, and storing the products purchased, processed and/or distributed; and managing the inventory of goods in a coordinated manner. And there is risk through it all—as broad and diverse as the supply chain itself.

Cargo theft is an example of a risk in the supply chain. It is, however, a single risk within a small section of the supply chain (logistics). A furniture manufacturer/seller of wooden dressers, for example, will have to manage myriad supply-chain risks long before it has even made a product to ship. For every metal screw or plastic knob that will come from a supplier, the company will need to assess reliability, and for every shipment of wood, its health and quality.

Geographic Impact of Supply-Chain Risk Management

Today’s vulnerabilities are multiplied due to greater geographic distances and the complex processes of the supply chain. Globalization presents unique challenges when applying supply-chain risk management methodologies to safeguard the supply chain from emerging threats and vulnerabilities. Disruption can hit the supply chain at any point, from manipulation in raw material usage, malware and intrusions in digital supply-chain processes, cargo theft, and crime in warehouses and distribution centers.

At the very broadest level, external supply-chain risks include:

– Demand risks caused by unpredictable or misunderstood customer demand.

– Supply risks caused by any interruptions to the flow of product, whether raw material or parts, within a company’s supply chain.

– Environmental risks from outside the supply chain, such as economic, social, governmental, and climate factors, including the threat of terrorism, global crisis and recession, and political upheaval.

– Business risks caused by factors such as a supplier’s financial or management stability, or purchase and sale of supplier companies.

– Physical plant risks caused by the condition of a supplier’s physical facility and regulatory compliance.

In each area, questions fuel a risk-management process. Our furniture company, for example, needs clarity on key issues related to its suppliers if it is to embed resilience into its business. Intellectual property is one area—one among many—that it needs to examine.

– Do our suppliers have a history of intellectual property theft? Been accused of it?

– Have they been victims? Did an employee improperly share sensitive information or provide access to a facility? Was there a computer network intrusion?

– How do they protect their internal computer networks?

The furniture dealer also needs to know about its suppliers’ processes and procedures to verify the quality of its products or third-party products and services: How is the quality of product verified? What mechanisms are in place to ensure products meet requirements? Is an inspection process in place to review materials and/or services? Distribution is another category: How do suppliers transport products? Are they warehoused during transportation, and if so, where? Who has access to those properties? And what about finances? Are the suppliers stable?

Again, these are just some of the necessary risk-management questions to help neutralize a small sampling of external risks, from a few slivers of the supply chain. And while partnerships with top suppliers are typically strong, these questions should also be asked and answered for second and third-tier suppliers.

Of course, our fictional furniture firm faces an equal number of internal risks, including manufacturing risks, business and process risks, and planning and control risks. It faces risk from shrinkage resulting from holding too much inventory, for example. And what about risk from product defects? Or high labor costs? Or poor planning? What if key personnel leave? How might that impact business processes or how purchasers communicate to suppliers and customers?

The consequences of failure are hardly hypothetical. A new commercial airliner was delayed three years because of a failure to assess supply-chain risks properly. A candy maker’s stock sank 8 percent when it couldn’t deliver for Halloween. And in 2015, a cascade of technology missteps in a major big-box retailer’s supply chain, which caused the prospect of patchy or empty store shelves, forced it to withdraw entirely from a country’s marketplace.

Conducting a Company-Wide Risk Assessment

A robust SCRM process starts by identifying this world of risk—conducting a comprehensive, organization-wide risk assessment to determine what can go wrong. Relevant metrics, multiple sources of input, and augmented data analysis are necessary to get an accurate picture of the current situation. Risks then need to be scored and prioritized, based on their likelihood of occurrence and potential impact on business.

Once risks have been identified and prioritized, organizations need to create a comprehensive risk-mitigation plan based on short-term, medium-term, and long-term risks; to identify the right people to implement it and assign responsibilities; and to create escalation mechanisms for each risk and contingency plan.

A clear risk picture and planning are the base layer. Organizations must also monitor and track the progress of their risk-mitigation initiatives to ensure that they work in real-life business situations. Risk-management tools and insightful dashboards can help steer an organization through interactions with suppliers and other operational stakeholders and prompt timely informed decisions. Broadly, SCRM is critical to managing interaction between suppliers, information, technologies, products, and logistics service providers.

So what does our furniture company stand to gain? By improving its management of supply-chain risk, it can maintain control over inventories and distribution, thereby matching and managing supply with demand to reduce costs, improve sales, and enhance company profitability. That, too, sounds simpler than it is. It requires:

– Understanding the business, the customer and customer needs, and adapting the supply chain to find the balance that maximizes profitability.

– Customizing the logistics network to meet the service requirements of various markets, which may influence the size, number, location, ownership, structure, and mission of warehouse facilities.

– Recognizing market signals and aligning strategies accordingly to ensure consistent supply forecasts and optimal resource allocation.

– Strategically locating/warehousing products close to the customer base and speeding conversion efficiencies to react quickly to market signals and store/customer needs.

– Managing supply sources strategically to reduce the total cost of owning goods, as well as teaming with business partners to reduce costs across the supply chain to lower prices and enhance margins.

– Developing a technology strategy and IT system capable of integrating all the above information—one that makes all this critical decision-making possible.

A well-managed supply chain—one that mitigates risks—is essential to a successful operation. In today’s global manufacturing environment, where merchandise often moves across oceans or continents before appearing on store shelves, the risk of loss or delays due to cargo theft, weather, work stoppage, and even paperwork errors requires innovative and comprehensive supply-chain risk-management solutions to manage successfully. When we consider that every single piece of merchandise must in some way pass through the supply-chain network, it’s easy to see the need to implement appropriate controls and protect our interests against an increasingly complex world of risk.

—

MAURIZIO P. SCROFANI, CCSP, LPC, is a well-known supply-chain asset protection professional with over twenty-five years of experience in retail and manufacturing, including leadership roles with Macy’s, Bloomingdale’s, Delonghi, and Toys“R”Us. He was cofounder and president of CargoNet, a supply-chain theft prevention and recovery network solution of Verisk Analytics. Currently, Scrofani is the chief supply-chain security officer for ALTO Assurance where he leads the team that offers shippers and logistics providers a comprehensive, end-to-end asset protection and risk-management technology solution. He can be reached at mscrofani@alto-us.com.

The changing face of cargo theft: interview with Scott Cornell

Cargo theft and protection is a cat-and-mouse game over some valuable cheese, according to Scott Cornell of Travelers Insurance.

By Mark B. Solomon

When it comes to cargo theft, there is good and not-so-good news. According to security consultancy CargoNet, nationwide incidents of cargo theft last year declined 17 percent from 2016 levels. Yet there were still more than 700 reported incidents last year, involving $89 million of stolen goods. Many more incidents were believed to have gone unreported. The bulk of the thefts occurred over long holiday weekends when drivers take extended breaks and often leave their rigs and cargo unattended.

Businesses are getting smarter, but so are thieves. Shortly after Memorial Day, Scott Cornell, transportation business lead and crime and theft specialist for Travelers Insurance, spoke to Mark B. Solomon, executive editor-news for DC Velocity, about the most current trends in cargo theft and what businesses can do to protect themselves from an expensive loss down the road. 

Q: Do you have a read on theft activity over the holiday weekend?

A: This year’s weekend wasn’t the worst we’ve seen in terms of number of thefts, though it was slightly above the average weekend. During holiday weekends, it’s important for shippers, carriers, and brokers to make sure shipments are secured and to educate drivers on cargo theft tactics and prevention methods. It would be ideal to avoid leaving loads unattended. However, when that’s not an option, we recommend a layered approach to protecting shipments. This includes good processes and procedures, staff and driver education, and physical and technological security enhancements.

Q: Five or six years ago, most thefts were yard heists and inside jobs conceived by ex- or current employees in the distribution center. Given the abundance of digital tools and thieves’ mastery of them, is the traditional scenario still commonplace?

A: What we call “straight” theft is the most common type of theft, and it happens most often at unsecured locations. However, evolving technology has contributed to a rise in strategic theft, such as identity theft and fictitious pickups, by helping thieves identify their targets and find new ways to trick people. It’s important not only to use physical security to protect loads, but also to have strong practices in place for protecting critical information and defending your company from cyber-based threats. Having this type of protection in place for virtual threats is just as critical as the physical protection needed around a yard or for a load in transit.

Q: Over the past five years, how have these tactics evolved? What has changed about the way they are executed?

A: Strategic theft methods have changed over the years. There was a time when we primarily saw two tactics—identity theft and fictitious pickups—but in recent years, we have seen more than a dozen different methods used. These types of cargo theft involve the use of fraud and deceptive information intended to trick shippers, brokers, and carriers into giving the load to the bad guys instead of the legitimate carrier. Organized cargo groups now use strategic methods such as double-brokering scams and “ghost trucks,” and they will even trick legitimate trucking companies into picking up the loads for them. Additionally, thieves will combine two or three methods to further complicate things. Victims may not be able to tell how they’ve actually been hit.

It is important to thoroughly vet all carriers and brokers through the Federal Motor Carrier Safety Administration (FMCSA), Internet search engines, third-party vetting companies, and industry associations. Work closely with shippers to confirm driver identification at the point of pickup, and don’t hesitate to contact your customers and business partners if there is any question or concern. Often, the additional scrutiny will deter thieves from pursuing the load in question.

Q: Freight brokers and third-party logistics service providers (3PLs) play key roles in procuring truck capacity for their shipper customers. Do you find these intermediaries are up to speed on anti-theft strategies and tactics?

A: It depends on whom you are talking about. Some larger brokers have dedicated teams with very detailed vetting procedures and security teams that can respond if they have a theft. Others may not have the same awareness or necessary procedures in place or dedicated resources needed to respond because they haven’t yet experienced a theft.

Q: It’s been said that freight posted on spot market loadboards becomes a target as soon as it is visible. Loadboards are getting more traffic today as spot market demand remains very strong. What are the security holes in loadboard freight and how can they be fixed?

A: Loadboards are as much a victim as the shippers and carriers in this situation. They are being taken advantage of while trying to provide a valuable resource and service, and there’s only so much that can be done to stop it. Some boards restrict membership, but even that can be worked around, and when bad guys do get through, it’s simple for them to profile a load to target.

In this situation, it’s important for users to exercise caution when coordinating through these boards. There are some steps they can take to help keep a shipment safe: First, establish strong pickup security policies and procedures. For example, require the driver to have a specific and secure pickup number to gain access to the load. Second, ensure everyone involved in the haul is who they say they are. This also goes for the freight broker assigned to choose the carrier. Third, check if your insurer offers the right coverages for these perils and has the resources to prevent theft issues and recover goods if the worst happens.

Q: You said at a recent conference that thieves will “go to the well until the well goes dry.” Does that mean they will leverage the same scenario until they are stopped? How do shippers and carriers combat this?

A: Thieves know what they’re doing. If they know they can target a specific company with good cargo and insufficient preventive measures, they’ll do so until someone stops them. But they’re also smart enough to move on when law enforcement or the targeted company starts cracking down. We’ve seen several shifts over the years where law enforcement will be on the lookout for one type of theft, and in response, thieves will shift their tactics to evade detection. Similarly, we’ve seen thieves make sudden geographic shifts when they realize they’ve attracted too much attention in one area. For example, we’ve seen California-based crews move to Arizona, Utah, or Washington to evade detection. This creates a Whack-a-Mole effect.

Q: How much theft can be deterred just with common sense, such as fully vetting a carrier before providing pickup information? Or is that easier said than done?

A: Cargo theft doesn’t take only one form, and neither should theft prevention. I can’t stress enough the importance of taking a layered approach to protecting loads. Remember, processes and procedures are free, and they are often the best methods to prevent theft.

Truckers Carrying Guns? Still a Taboo Topic

CAITLIN KELLY

JUNE 12, 2017

https://www.trucks.com/2017/06/12/truckers-guns-taboo-topic/

The Mustardseed Truck Stop on Highway 167 in Sumner, Wash., wins little love: “filthy,” “disgusting,” “overpriced” are but a few of the many scathing reviews offered by truckers reluctantly paying $13 for a 12-hour break on its premises.

It’s also a former crime scene, where, on March 8, 2016, 52-year-old Piotr Pietrzykowski was stabbed to death in his white cab. He was driving for Top Line Express, a company founded in 2011 in Schaumburg, Ill.

His violent death, reported only by the local media, remains unsolved more than a year later.

Pietrzykowski’s slaying is one of 27 reported driver killings nationwide between 2010 and 2015, according to Bureau of Labor Statistics’ data. It also prompted a debate on whether truckers should be allowed to carry guns for protection.

“It’s the Wild West. You’re on your own,” said Norita Taylor, spokeswoman for the Owner Operator Independent Drivers Association, which represents 158,000 members.

Unlike the Wild West, though, where many carried a six-shooter and rarely hesitated to use it in their own defense, today’s drivers face a much different and more challenging environment.

Frustrated drivers are increasingly at risk as a drastic shortage of parking — an estimated 300,000 spots are available for more than 3 million drivers — makes dark, remote spots the default place for mandatory rest.

Truckers most often were killed on duty — 12 slayings — while parked on a local road, street or highway, according to BLS data. Another seven were killed in a parking lot or garage not owned by their direct employer. Truck drivers were the victims of 5 percent of reported workplace homicides between 2011 and 2015, according to the federal agency.

While there is no national law prohibiting truckers from carrying properly permitted firearms, it’s still a questionable practice. Myriad city, county, state and trucking company policies make it nearly impossible for truckers to legally carry firearms in their trucks.

That leaves drivers who choose to bring a firearm on the road caught between complicated state and local laws, and their fear of being attacked while alone and far from help.

“You have a very deep need for national reciprocity so that our rights for self-defense get extended across the United States,” said Evan Nappen, an attorney in Eatontown, N.J., who concentrates on firearms and weapons law. “Most civilians are not as concerned with this issue, but this is drivers’ living.”

But others said there is little data available that would show whether firearms would better protect drivers from crime.

“I think you have to weigh the safety and security of the truckers and whether the ability to carry a weapon increases their ability to protect themselves,” said Tim Lytton, a law professor and gun regulation expert at Georgia State University. “We don’t know the extent to which arming truck drivers or allowing them to carry across jurisdiction is going to increase their safety or decrease their safety.”

Even if a driver has the legal right to own, or carry, a firearm in his or her home state, each state, and sometimes each county or even municipality — like New York City, Chicago and Washington, D.C. — may impose its own much tougher laws.

A driver found carrying a gun in New Jersey faces a minimum mandatory prison sentence of 3 ½ years and as much as 10 years, Nappen said. He recently successfully defended a Marine, a military police officer who brought his MP-issued handgun home to New Jersey from his workplace in Quantico, Va.

“Truckers are more likely to have this problem than anyone I can think of,” he said. “They know they’re vulnerable to violence, and they also don’t realize how harsh New Jersey law is. The individual has to choose between who they fear more, cops or criminals.”

Short of guns, drivers are relying on other things they are allowed to carry in their cabs and which they can use as weapons, including club-like objects such as heavy-duty MagLite flashlights, tire irons and pry bars. Some take dogs in their trucks to alert them if someone gets too close to their cab.

Robert Palm, a father of two young children and a 26-year veteran driver based in Albuquerque, N.M., told Trucks.com he is careful to protect himself, but wouldn’t provide specifics except that, “I guarantee you, the end result will end in hospitalization.”

“Most of what truck drivers are dealing with aren’t so much legislative issues, it’s company policy issues,” said Kevin Michalowski, a firearms advocate.

Trucking companies’ insurance policies may prevent them from allowing their drivers to carry firearms, said John Goldberg, a professor at Harvard Law School.

“If the companies have liability insurance policies, it is possible that the insurers have told the companies that the insurance will not cover shooting-related liabilities,” Goldberg said.

Calls placed to companies large and small, and to safety experts to discuss how they teach drivers to remain safe without a firearm offered little insight. No one wants to discuss it.

“I don’t think there’s any training for safety,” said Taylor of the Owner Operator Independent Drivers Association.

“I’m afraid we just don’t have much to say on the topic because it varies significantly carrier to carrier and driver to driver,” said Sean McNally, spokesperson for the American Trucking Associations.

Yet drivers of armored vehicles have had the legal right to carry firearms across state lines since the passage of the Armored Car Industry Reciprocity Act, or ACIRA, in 1993.

UPS provides its employees with explicit training, said one UPS driver who asked that he not be identified because he was not authorized to discuss the shipping company’s safety policies.

“Do not leave your cab. Do not engage in anything. Do not put yourself in harm’s way,” he said they’re told.

Other company precautions include GPS tracking of every UPS vehicle, he said. Company drivers are given a credit card that can be used with their own PIN and only to buy fuel, the driver said.

“We’re not allowed to carry guns,” he added.

Like others drivers —now constrained by the use of electronic logging devices that track their driving time and tighter regulation and oversight of work hours — the UPS employee said he worries about finding safe places to rest.

“It’s very dangerous. The 30-minute rest rule has made it worse,” he told Trucks.com. “You always have to be thinking ahead. There’s only so many places you can stop on the turnpike.”

Chad Boblett, a long-distance driver and owner-operator who also runs Ratepermilemasters, a Facebook page for drivers with almost 11,000 members, said he can feel vulnerable on the road.

“I’m a very easy target for anyone who wants to rob me,” Boblett said.

On a recent delivery, veteran trucker Palm ended up “40 miles from the nearest rest stop” in an isolated part of Connecticut. He had to stop to comply with the hours of service rules governing how long drivers can work before taking a rest break.

“I sat there for 10 hours,” said Palm, who founded and runs truckersfinalmile.org, a 4-year-old registered 501c (3) charity that covers the costs of returning drivers who’ve died on the job — whether killed or having died a natural death — cross-country to their bereaved families.

With the drastic shortage of parking spaces “you have no safe haven,” Palm said. “I believe every trucker should be armed.”

Editor’s note: Trucks.com staff writer Clarissa Hawes contributed to this report.

Caitlin KellyCaitlin KellyCaitlin Kelly frequently writes for The New York Times, where she has published more than 100 articles. Winner of a Canadian National Magazine Award, she is a former reporter for The Globe and Mail, Montreal Gazette and New York Daily News. She is the author of “Malled: My Unintentional Career in Retail” and “Blown Away: American Women and Guns.” She can be found on Twitter: @CaitlinKellyNYC.