The recent natural disasters have affected supply chains across the globe. Director brought together a group of executives from a variety of sectors to discuss their impact on business in the UK. How do companies view globalisation now? Do they feel more vulnerable or is it still a massive opportunity? This was their response…
Director panel
Tim Astley, principal strategic risk consultant, Zurich Insurance
Jim Wilkes, senior technical underwriter, Zurich Insurance
Andrew Gilbert, founder and managing director, Node4
David Rollin, managing director, Interfleet Technology
Andrew Churchill, managing director, JJ Churchill
Dr Graham Cooley, chief executive, ITM Power
James Sleater, co-founder, Cad & The Dandy
Tony Cherry, partner, Beachcroft LLP
Ratnesh Bagdai, co-owner, Hix Restaurants
David Maeer, managing director, Marston & Langinger
Director: How have the recent natural disasters affected your business and attitude to risk?
Tim Astley The Japanese catastrophes and the [Icelandic] ash cloud have demonstrated the need to recognise the wider supply issues and the broader business landscape rather than depend on the constant drive to cut costs, reduce suppliers, outsource and transfer skills in the pursuit to achieve ever more efficiency. [These disasters] have reminded people that there are dependencies on others that need to be understood. You can't just assume those suppliers are always going to be there.
Andrew Churchill Natural disasters by their definition will always happen, but if their periodicity is just outside one human generation's memory we tend to forget they happen and fail to plan for them.
David Maeer For risk management reasons we buy 98 per cent of our materials from different parts of the UK. We make sure we know where our suppliers buy their materials from and that those suppliers are buying from different parts of the world so that if disaster hits one, we can switch to the other supplier.
James Sleater There is an inherent lack of skill [in the UK] to make a suit in the volumes that we're doing so we have to look overseas and expect the Chinese or Indians to make Savile Row-standard garments. At the moment pretty much all our overseas-produced clothing is in our workshop in China, which is
part-owned by us. We've been affected by little things rather than natural disasters. During Chinese New Year we closed down for two weeks. That gives us a massive backlog, so we're looking to buy workshops in other countries to try to mitigate that risk.
Ratnesh Bagdai We are restaurateurs, and for us if it's an ash cloud issue it's a tourism issue and we get hit. The other risk areas are rising tea prices and duty on spirits due to price sensitivities abroad. How quickly do we adjust our pricing structure? We've always had a policy that we hold firm because customers are very familiar with prices.
Andrew Gilbert We operate data so our biggest purchase is power, which is a variable in itself. Our business is about mitigating the day-to-day risks of operating an IT system. Typically, a business would run their IT system out of a cupboard – what they would call a data centre but what I would call a computer room. Around 80 to 90 per cent of firms would stop dead if their computers were turned off, even for a few hours. People are moving out of those cupboards to a provider like us where we mitigate those day-to-day risks. Customers want their kit spread across multiple centres so if there's a disaster in, say, London or in Derby, you mitigate those risks.
David Maeer [Our IT infrastructure] was in the cupboard and when we had an annual review with our insurers one of the disaster recovery points they made was that our IT was too vulnerable. We've now outsourced it to an external company with more than one site.
Andrew Gilbert When it comes to IT spend, firms typically scrimp and save and IT is cobbled together. That's the problem. People spend to fix rather than invest. It takes an event to occur to spark a reaction. There is a bit of a culture change happening now where people are making it part of their expansion plans and saying, IT is a critical part of my business.
James Sleater We've invested £250,000 in our IT system. We're in an antiquated industry but when we order something it happens immediately. We can track everything in the process. So if we've got 400 to 500 suits going through in a month, with however many possible permutations per suit, we can make sure the final product is right. It translates into any language we've set it up for. It does exactly what it needs to do for a small business working in different locations.
Graham Cooley We're at the opposite end of the supply chain. We've developed new patented technology and are currently looking at the ultimate win for a technology company which is to get designed into a blue chip's product. We feel the hard end of the supply market development. We've had to go through ISO accreditation, CE marking, five different European directives and we're now in the process of trying to get qualified as a supplier. But disaster can bring opportunities in the supply chain. If a disaster happens in Japan and a very highly optimised manufacturing business like Toyota experiences difficulties, that's an opportunity for UK companies. It's no surprise that the most optimised 'just in time' manufacturing businesses have the biggest problems when there's a disaster.
Tony Cherry From a legal point of view one worrying trend is that, generally speaking, there are force majeure protections in contracts and the current trend is for procurement organisations to try and dilute these protections. In certain circumstances contracts can be cancelled almost immediately – undermining the entire purpose of force majeure.
Jim Wilkes We see a lot of that. People send contract conditions into us and some of them are, even if they're written in English, almost impossible to understand. I should think that for SMEs it's a phenomenal problem. It's difficult to negotiate with [big firms] who have that element of power.
Graham Cooley If you beat up your suppliers to try to keep costs down as well as reduce your risk you'll end up with companies that can't supply you because they can't take on all the risk that you're projecting on them. There needs to be an element of risk-sharing in the supply chain and that is one of the things that has to be reviewed after a disaster.
Tim Astley [Businesses need to look at the supply
chain] from the customer end. What is the customer and what is the value proposition? Then feed back and look at the risk from that perspective. That way you get a much better sense of where relationships need to be enhanced and where the risks need to be mitigated. We are seeing, even in some traditional industries, which might otherwise have been fairly heavy-handed and brutal with suppliers, firms
start to realise that they might build this
relationship across the supply chain in order to mitigate their risk.
David Maeer We recently spent the best part of a year negotiating our largest-ever contract with a customer in New York. It was a very large American conglomerate that tried to apply all of its contract law. We sent out a normal standard contract expecting that we'd have to negotiate on some points. What came back was a completely different contract with everything sided towards the client. We spent a year going back and forth with this ferocious US lawyer. It was only when we got in front of the client that we managed to agree what was reasonable.
Andrew Churchill But there is opportunity. Whether you're looking at ISO accreditations or specific approvals, these are barriers to entry for newcomers. That's great if you're in. If you're not in, and you want to get in, it's tough. We love defence contracts. They're typically a foot thick. They scare everybody off. But once you understand how to negotiate them you have an opportunity to supply something.
Graham Cooley If you're trying to get a big contract with someone who wants to beat you up you have to try and share risk. At the end of the day, SMEs have to take on some risk, you won't get in otherwise. In the early days you're going to have to take that.
Andrew Churchill When I had to sign a missile contract I had to warrant that anybody in the vicinity of this product's use would come to no risk of life or limb. I pointed out that this was a missile! You just have to sign it…
Graham Cooley The world hasn't had its man-made disaster in the IT sense yet. I think it's coming. The earthquake was a bad thing in Japan, but what about a very serious IT incident? I think governments all over the world are preparing for such a huge disaster and it could be much more significant than a
natural disaster.
Jim Wilkes The Americans have said they would regard cyber warfare as a threat to national security, which could involve a military response. I notice part of the UK government's national security agenda now includes cyber. They've suddenly woken up to the fact that it's a phenomenal risk.
Graham Cooley How do you deal with it? You can understand the tyrannical dictator if you're the American military, but how do you understand the
18-year-old sitting at home eating Doritos?
Jim Wilkes I don't think you can spend all your life trying to imagine things. I remember speaking to someone who was doing the risk management for a hotel chain and he said he'd got manuals all round his room for dealing with every specific risk imaginable except the one that happened. What
he learnt was, you need general responses for how
to handle things, whatever they are. It's more
about having a process than worrying about the
individual solutions.
Tim Astley The ash cloud last year is a perfect example. We got calls saying, does that mean we need to predict every volcanic eruption in future in order to have a full handle on our risk? That wasn't the answer. The question should have been: Do we need to understand our dependence on European airspace as a transport route, or a way of getting our people around? It's the same with IT. Ultimately, if there is this critical dependence on IT, which will stop the business, it has to be understood from a generic business perspective and contingency plans put in place.
David Maeer Individual businesses can only mitigate risk to a certain extent. We can only go so far to understand what our risks might be and what we might do about it. If there was a complete meltdown of IT systems then, OK, we've got all the usual contingencies to back up. But if all that's gone you're back to developing manual processes. That would be a huge impact.
Tim Astley It's also about getting authorities to recognise the problem. The government needs to be thinking about this and engaging with corporations to decide what can be done.
Graham Cooley The other risk is energy security. We have globalised energy to a certain extent in the way we use fossil fuels. Any of the CEOs of the oil and gas companies will tell you that the age of cheap oil is over. The major alternative is renewables. But renewables tend to be nation-specific. The wind and the sun have different profiles in the UK than in California. So the solution is a local one.
Does attitude to risk affect innovation?
Andrew Churchill If you don't innovate products and processes you're out of business. Innovation is risky; it's not a guaranteed outcome or everybody would be doing it. Risk is an opportunity. It's a chance to move into a space that hasn't got a solution and open it up.
Graham Cooley That's at the heart of our economic problems in the UK. We're fantastic at innovation but we're very bad at risk assessment. We've got to follow the risk all the way through with money to get to value, and that's the bit we don't do because you never create value unless you take on some risk.
Jim Wilkes In theory, the UK government is aligned to those things. It seems to have latched on to something called high-value manufacturing. How much of the UK is not actually high value but is capable of growth anyway?
Graham Cooley If the whole world is going to decarbonise energy then that's the biggest market that's happened in generations. The idea that you adopt these technologies is all about supporting the industry that makes them. Why do you think the Chinese are doing it? Is it to decarbonise or have they just realised that solar, wind and wave is the biggest new market on the planet? We need to get very smart about all of this.
David Maeer We're negotiating to build a big pavilion restaurant in a famous hotel in LA. The reason why they picked us, apart from the fact they wanted something built in timber and glass, is because we have experience of building in that area and so we understand the earthquake risk, the fire risk… The opportunity came because we have a reputation for being able to handle that sort of thing.
Is regulation a problem?
David Rollin Over-regulation saps energy. It's inefficient, people resent it, whether it's internal rules or governmental. Even if you're a small business you ought to have a simple governance manual. It makes you think about all these issues – business continuity, bribery. You need to keep updating it and make sure everyone understands it.
Jim Wilkes We talk to hundreds of our policyholders and they say regulation is on the boil again in terms of have we got too much and what should be done about it? We've had meetings with government who seem keen to do something about it. Have you seen this Red Tape Challenge website?
Andrew Churchill Yes, but when Vince Cable was talking about it he couldn't actually remember what it was called. There's a lot of hot air. But in the manufacturing arena between 50 and 80 per cent of the regulation you're exposed to comes from Brussels, about which Westminster can do little.
Jim Wilkes The government tells us that they've sent junior civil servants off to Brussels to negotiate
while the mainland Europeans send politicians, so guess who wins? We're saying to our policyholders, get on to this red-tape challenge, you have this opportunity to moan.
Andrew Churchill I'm more concerned about flux and change in regulation than in regulation itself. I hate having to comply with something new because it has an immense, upfront load in terms of back-office staff, time, understanding what we've got to do, and then making sure we're compliant with it. Once we've complied the last thing I want to see is any
so-called simplification.
Tony Cherry Clearly, we wear two hats. Our personal lives and our business lives. In our personal lives we expect hospitals and banks to behave in a certain way and we look to regulators to achieve that which we expect from those we engage with as consumers. In our business lives we have to try and interpret that in relation to the business we run and that is difficult because we also have a high degree of personal faith in our ability to run a safe, compliant and effective business. A lot of this is not so much about regulation as about compliance. Compliance is down-skilled too far. If you can set your compliance strategy at a sufficiently high level and make sure that somebody with authority takes some responsibility for it, that is a common sense approach.
David Maeer The thing that keeps us up at night is health and safety legislation. Our factory is high risk so we have H&S policies but I also have to try and apply it to our low-risk site – a design studio in Chelsea. Trying to determine how much regulation I should put upon the people who I want to be on the front line selling our products is difficult.
Graham Cooley Regulation isn't anti-free market. It's about reducing risk and trying to stop some levels of volatility in the market. You can't just let individuals do what they want because if you do people will die. If they're not following health and safety, people
will do crazy things and take on too much risk. Regulation controls volatility and risk.
David Rollin Regulation is a brand protector. You build a brand on trust and belief. Usually, in an economic recession, people will go to the brands they trust. If you define to all your people what the rules are on behaviour and attitudes you'll end up with a safer business. Good governance is brand enhancing.
Graham Cooley Regulations are a barrier to entry, but once you've spent the money and the effort, and gone through them, they'll also protect you against the competition that hasn't made the effort to do so.
Ratnesh Bagdai Consumers demand regulation. When we get a complaint [at my restaurant] they'll come in wanting a policy on food hygiene, on health and safety. We have to demonstrate that our supply base is clean, that food and hygiene policies are in place, that staff training is in place. For the SME to keep up to date with that when it's growing is a challenge.
Graham Cooley If you had an e-coli outbreak in your business, regulation doesn't protect you from those disasters, but it gives you a quality framework.
Jim Wilkes If your governance is good, would you be covering that as a business risk anyway, irrespective of the regulation? You wouldn't wait for the regulator to come in.
Tim Astley It's a bit more complex where you're not in control of everything. Protocols internally are all very well but you need to look at the entire supply chain and assess any factors that may be outside your control that could have unintended consequences for your business. The REACH legislation to control hazardous materials is an example. Some organisations have found it so onerous that they've stopped manufacturing core raw materials, which has industry thinking it doesn't have any suppliers any more. Looking along the supply chain introduces additional complexities – bribery, CSR, ethical management – all of which need to be managed and understood right across the supply chain.
Graham Cooley But the ones that have complied with REACH legislation when all the others have left
will do incredibly well by having complied – that's your protection.
Andrew Churchill As a small company you haven't got the resources to go and establish whether or not your suppliers are using slave labour. Regulation and compliance to certain standards enables that to be demonstrated quickly, which is important.
David Maeer The regulations we face every day are well thought out in terms of why they're there, to protect us. But the problem is how they're written, which is generally by people who don't know a lot of what they're talking about. The big thing I face is how to interpret it. Until something happens, to you or someone else, you don't know if you've mitigated all the risks of complying. It's a case of keeping up to date with changes and interpretations.
Andrew Churchill The last thing an SME wants is to provide case law!
Ratnesh Bagdai Because of ever-changing regulation and compliance we outsource it. Mark Hix and
I cannot get bogged down with regulation because
we have to drive this business, innovate and create. So we outsource and they keep up with the changes for us.
