Vendor Risk Management Failure Example

With an effective enterprise risk management program, risks at vendor facilities would be uncovered and prioritized, and mitigations would have been put into place.

On February 16, 2018, the FDA announced that low levels of an animal euthanasia drug were detected in canned dog food produced by the J.M. Smucker Company. Smucker stock dropped by 3% resulting in a loss of more than US$ 400 million in market value.

In a statement, the company said that it had “identified the root cause to be a single supplier and a single, minor ingredient, used at one manufacturing facility,” adding that it was “extremely disappointed” by the contamination.

With a mature and effective enterprise risk management (ERM) program, J.M. Smucker’s would have administered risk assessments to key vendors, completed proper vendor due diligence and risks at their facilities would be uncovered and prioritized, and risk mitigations would have been put into place.

Why should consumers expect J.M. Smuckers’  vendor risk management failures to be limited to just one of their dog food brands? Smuckers makes food for humans, too.  If the company was not able to effectively manage the risk from the dog food vendor that allowed poison into the product from one of their dog food brands, how are they managing their vendor risk across the rest of their food brands?

In today’s see-through economy, these kinds of missteps are brought to the public’s attention almost instantaneously. Armed with the knowledge of this failure, consumers will now have to ask themselves whether they can trust the other products they provide, and whether they’ll support the J.M. Smuckers brand. Companies that fail to invest in proper and effective risk management to prevent failures from occurring in the first place lose sales, revenue, and market value.

I expect this failure in risk management will be found to have occurred in the past. Unless J.M. Smucker invests in effective risk management and especially vendor risk management (while following examples of best practices) to overcome their negligence, it will likely occur again. Furthermore, I expect this scandal to have a detrimental effect on the sales of the company’s many other food brands.

2017 showed American consumers that corporate failures are just about a dime a dozen, and that repeat offenses are far from uncommon. Wells Fargo, Chipotle, and Uber are only a few in a long list of companies that have failed to identify the root-cause of their risk, that is, a systemic lack of risk management oversight and mitigation activities. Thus, it will be to Smuckers’ benefit to quickly adopt ERM processes and infrastructure in order to protect their other departments and products from similar disaster.

See Also: What Is Vendor Management Guide?

Environmental, Sustainability, and Governance (ESG) investing is a term that is often synonymous with socially responsible, sustainable or impact investing. ESG investors consider environmental, social, and governance factors alongside financial factors when deciding whether or not to purchase a particular investment. From 1995 to 2016, responsibly managed investments have grown from $639 billion to over $8.72 trillion, an increase of 1,265%. Today, nearly one out of every five dollars under professional management in the United States is involved in some form of sustainable and responsible investing.

The See-Through Economy: Smuckers now face losses and liabilities not only from the FDA for violation of quality and safety, lost sales from customers switching brands but also investors who are abandoning the stock due to failures in risk management, the foundation of good governance. Establishing an effective ERM program for vendors is of upmost importance. In addition to the moral hazard of poisoning customers, how can Smuckers continue to be financially negligent in their risk management responsibilities?

According to Censible, “J. M. Smucker performs very poorly among its competitors on corporate governance. This score is determined by the company’s accounting practices, executive pay, board organization, and ownership structure.” LogicManager has proven in a joint study with Queens University in the United Kingdom that organizations with adequate enterprise risk management programs have a 25% higher market value.

Failures in risk management are typically systemic. While a company can outsource activities to a vendor, no company can outsource their accountability for risk management. Scandals like this are entirely preventable but not only happen but reoccur because these incidents are treated as “isolated occurrences” as Smuckers appears to be doing, rather than recognizing the true root cause which is a poor risk management program is not addressed. This vendor risk (and others) would have been uncovered by using software for vendor management.