Episode 14: How Admiral Transformed Procurement Into a Strategic Powerhouse with Chris Mclellan

Chris McLellan – 00:00:00:

The whole concept of third-party risk management as a discipline, as a sub-discipline that would sort of sit alongside procurement, either within the procurement team or as a dedicated discipline, has become very much more at the forefront. And now as the economy and the global economy moves into a very uncertain time, this is ever more important because resilience of supply chains internationally, globally, locally is important. And maintaining that consistency of supply is now more important than it’s ever been.

Intro Ad – 00:00:31:

The Powering Procurement Podcast is brought to you by Atamis, sourced to contract software designed to save you time and money. 

Intro – 00:00:37:

Hello and welcome to Powering Procurement, a podcast by Atamis, where we unpack the world of procurement and supply chain management with the help of industry leaders. I’m your host, Sian Lloyd, and this is our resident expert, Gareth Burch.

Gareth Burch – 00:00:56:

Hi, after 20 years in Procurement, I may be billed as an expert, but believe me, I’m here to learn too.

Sian Lloyd – 00:01:03:

Each episode, together with our expert guests, we’ll dive into specific challenges and opportunities facing the procurement industry today.

Gareth Burch – 00:01:12:

And we’ll explore easy wins and longer term strategies to help you rise to the challenge of driving value through your work while showcasing the power of procurement.

Sian Lloyd – 00:01:22:

So let’s get going. Hello and welcome to Powering Procurement. Today we’re joined by Chris McLellan, Group Head of Procurement at Admiral Group, Wales’ only FTSE 100 company. With a career spanning public and private sector procurement, Chris has led procurement transformations across complex organizations, from Cardiff Council to Atebion Solutions. And now at Admiral, where procurement plays a key role in innovation, risk management and supplier governance.

Gareth Burch – 00:01:54:

Chris brings a wealth of experience in third-party risk management, contract strategy, and procurement resilience, all crucial in today’s volatile landscape. Most recently, Chris spoke on the CIPS Risk and Resilience Panel alongside industry experts to discuss how procurement teams can enhance data visibility, mitigate supplier risk, and build resilience across the procurement lifecycle. Today, we’re diving deep into third-party risk management and geopolitical risk. Two critical challenges for procurement. Navigating supply chain disruptions, regulatory changes, and an increasingly unpredictable global economy. Chris, welcome to the podcast.

Chris McLellan – 00:02:39:

Thank you both, and thanks for the introduction, and thank you for having me today.

Sian Lloyd – 00:02:43:

Well, it’s great to meet you, Chris, and we’ll dive straight into the podcast with a question we like to ask all our guests, really, is to get a little bit of your backstory to hear about you and to know how you got into procurement in the first place.

Chris McLellan – 00:02:58:

Yeah, it’s probably not dissimilar to a lot of people that you have on the podcast over a certain age, because this is largely before academic courses were dedicated towards procurement. But I ended up in procurement by chance, came through a university with a fine art degree, believe it or not, and just walked into a manufacturing environment for my very first job as an assistant buyer. And that’s how I got into procurement, not by choice, just by chance. Found that I really enjoyed it. Manufacturing 25 years ago was different as it was today. There was quite a lot of it in South Wales, as we’ve seen a massive decline, and ended up starting the career off in an engineering firm. Germany moved around over the preceding 15 years in various roles in manufacturing, heavy industry, believe it or not, cosmetics, going on to Defense. And then ended up in the public sector in Cardiff Council, where I’ve spent the last 10 years before joining Admiral. And yeah, it’s been a really interesting career. Lots of very strategic projects. Met a lot of interesting people. And for me, it’s just that job variety. Procurement is always a different job every day. You may well walk into a different scenario, a different problem. It’s a use of analytics. It’s a use of negotiation. It’s a use of being a people person. And that’s what’s kept me interested and energised by the role, really.

Sian Lloyd – 00:04:28:

Yeah, that’s really fascinating. It’s always great to hear about people’s journey. And perhaps just being a bit more specific and looking at the past decade now, Chris, in terms of approach to third-party risk management, how would you say that’s shifted over the past 10 years? You know, has there been a big shift?

Chris McLellan – 00:04:48:

Absolutely. Risk used to just be a very small element, to be perfectly frank, and it was always, and it still maintains cost competitiveness and the commercial outcomes. So price is always a strong driver. But the actual concept of third-party risk management is relatively new. I’d say in the last five years, it started to really bed in, and it’s more sector-specific than certain areas. I mean, within the public sector, we were always looking at the public contract regs, value for money, and the most economically advantageous tender. Coming into the financial services sector, TPRM has been well established, and this is more now moving the dial over to the resilience piece and looking how your suppliers that affect important business services, keep the business afloat, are critical to the performing nature and ongoing support for customers, right? And when they affect and touch customers, this is particularly of high importance. So the whole concept of third-party risk management is a discipline, is a sub-discipline that would sort of sit alongside procurement, either within the procurement team or as a dedicated discipline has become very much more at the forefront. And now, as the economy and the global economy moves into a very uncertain time, this is ever more important because resilience of supply chains internationally, globally, locally is of importance. And maintaining that consistency of supply is now more important than it’s ever been. So I think that’s raised its profile, and it’s now up there with procurement in the forefront of leading and championing this discipline.

Gareth Burch – 00:06:35:

No, it’s quite interesting take on that, Chris. I think one of the challenges you particularly have in your new role today within the Admiral is very much the regulatory aspect as well. So procurement professionals, will encounter elements of third-party risk management and operational resilience but situations not so much in the UK but in Europe have definitely led to that tightened control by the regulator. To make sure the customer is always protected but you have that resilience. So I suppose it’s you’re in a bit more of a difficult position than other procurement professionals outside of financial services.

Chris McLellan – 00:07:27:

Yes. And that’s such a good point because, yeah, the reg landscape is forever changing. It’s forever tightening. You’ve almost got to keep one eye on the regulation that’s coming down the tracks, as well as you would know in the public sector with the public sector reforms, but also in financial services. I was quite amazed by the level of and depth of regulatory control. So we’ve got European regs. We’ve got the UK Financial Conduct Authority regulations. And it’s all about, as you say, coming back to that point about resiliency due to the fact that, obviously, risks associated with cyber, with trade tariffs, with all of the aspects which are now heightened are going to have a massive impact on the ongoing performance of the financial services sector in the UK. And therefore, we have to always keep a sure eye on our supply chain to make sure those suppliers supply of goods and services into the industry are maintained. So, yeah, it’s an ever-changing, evolving sector of the industry.

Sian Lloyd – 00:08:37:

Plenty to keep you on your toes, Chris, I know, and your team. Let’s dive into perhaps balancing the depth and agility in supplier risk management then in a little bit more detail now. And well, you know, I’ve picked up and understood from being involved in these podcasts that procurement teams really, they’re under a lot of pressure at times, you know, they’ve got to onboard suppliers quickly, and they’ve got to carry out comprehensive risk assessments as well, haven’t they? So it’d be really interesting to hear a bit about your experience and, you know, the effective strategies really that are needed to be able to do this effectively, you know, balance that due diligence, but also the need for speed and agility in procurement.

Chris McLellan – 00:09:22:

Yeah, no, it’s a really good point. And it’s probably one of the biggest aspects of concern for me as a procurement leader is balancing the teams that we manage collectively within this sector and their capacity to look at both sides. Because generally, we service our internal customers. And it’s generally, yeah, as you say, if they want to onboard a new supplier or do a procurement activity that would mean by, it might be an RFI or a request for a quotation or a tender exercise, this takes a lot of time. So generally, we always look at have we got a robust set of business requirements, a set of specifications, do we understand what we need to go out to the market for as a first starter for 10. But then we look at sort of areas to take out the risk. So that would be supplier segmentation. So we’d look at the requirement, we’d look at the complexity, the value, and we try to segment the supply base into risk classifications, which would traditionally be, you know, the critical suppliers, strategic suppliers, and then down to more transactional where you might only need a light touch set of controls to bring that supplier on board in terms of risk allocation and risk review. At least then that takes the weight off. And it’s not every supplier receives the same type of approach because that would just slow you down. So it’s giving the customer, internal customer that is, that sense that you can still work in an agile environment. Speed up the procurement front end of the procurement life cycle while still balancing where there is appropriate levels of due diligence and risk management control then, that’s applied and that’s generally what we would do from the sort of the process side and then as we all know technology is moving at pace we’ve got we got so many um software packages so we call it the procurement tech stack right so we call it the technology stack and there’s so many products out there now to help uh, procurement professionals in the industry, not just in financial services, but in general procurement world. Um, to help us with that, and they, they, they vary from, sort of, um, due diligence, uh, automated due diligence platforms, that will allow suppliers to fill out a load of questions predefined. And then we can just go on to it and see, where their, um, checks and balances are, and where their controls are met. Verging down to AI tools that do data scrapes, look at reputational risk. We have our financial control planning risk, which looks at the finances of suppliers. And those tools are going to be invaluable going forward because they just take the headcount and the admin burden off procurement teams to allow them to focus on more value-adding projects, which would be around, you know, getting the best price, bringing that supplier on quickly, and then just continually monitoring those risk positions so that we don’t have to have a big bundle of work on an annualized basis. It’s sort of forever live and those risk controls can be always maintained.

Gareth Burch – 00:12:19:

And I think from my perspective, When you start considering, technology and process within the risk management space balance, I think is the right word, because, where we try and automate as much as possible, utilize technology as much as possible. It still requires that person that person at the end to action it. And the more we can do to help guide individuals provides, more time, and more effectiveness. With the delivery of mitigating risk or managing risk. If you don’t know, you don’t know, but if you’re told something might not be right here. It gives you every opportunity to get ahead, and in regards to the like, sort of building on the balance point. It’s interesting what you said a minute ago, Chris, in regards where we talk balance around how third-party risk management is performed by procurement. So within our podcast, we’ve heard from lots of people about the stretch on procurement. So this is very much started as cost reduction, focused on that value drive activity. It’s moved into risk management. It’s moved into more ESG aspects. Supplier management is on the rise. And it’s so hard to deliver all of this. It would be good to explore if you’ve delivered any initiatives which have helped balance.

Chris McLellan – 00:14:05:

Yes. Yes, it’s a really good point because, as you say, the skill set for the procurement professional has exponentially grown now, right? So it is cost quality, delivery, time, you know, and now it’s, as you say, it’s having an awareness of all of the other areas. And ESG is a massive area of growth and we should all be cognizant of that. But the risk professional, right, is an area that is a very defined specialism and it does come at a price point, right? So the ability for procurement teams to have the ability to go out and retain and bring in these type of skills is very, very difficult. So, yeah, looking at technology, you know, we’ve looked at sort of the typical things that we would do is try to look at introducing some controls that we can do now, right? So, and I hate to mention it, right, because everyone hates a good spreadsheet, but, you know, inherent risk questionnaires, right? Trying to do a bit of an inherent risk questionnaire, which is something which we do after the segmentation process that I’ve tried to introduce into Admiral is where we would look at that to give us like a gross risk picture. But then also investment in technology. So we’ve tried to look at one of the due diligence tool platforms out there to bring that in that would then complement that so that we can say, right. We’ve done an initial trawl. We’ve segmented the supply base. We know that we got some criticals from strategic suppliers over here. Based against what our business need is, our inherent risk is, we’re thinking these are the gross risk, right? We need to go investigate these further. And then platforms that are available out there, don’t want to name names, but there’s many, are able to then get the supplier to sign up to these platforms. Some of them are free, some of them come at a cost. And then we’re able to get a really good risk picture. Some of these platforms are brilliant now. They’ll look at concentration risks or where that supplier is supplying our peers or our competitors. And we can see from the UK regs are very big on concentration, because if that one supplier goes out, it could drop the whole industry. So we get some of this visualization now, which is really good contextual data, more than we’ve ever had, really. And it just gives the procurement professional the ability to go back to the client and say, you know, some significant risks over here, or there’s risks that we can mitigate. We might need to bring other teams in specialist areas from your cyber infosec. And we might even need to go and do some on-site audits, or we might need to look at some platforms that do that for us. So it is that whole thing, excuse me, a balance in the cost versus the time to cover the risks.

Sian Lloyd – 00:16:36:

Yeah, that’s really interesting. And particularly what you’re saying there about data. And Gareth, that’s something we’ve heard a lot about, isn’t it, in terms of it’s all in the data, but also everybody will have perhaps a slightly different approach to that data and in terms of the pickup of it as well. So thanks, Chris, for that really, really good point. Let’s take a look perhaps at the cybersecurity risks now in the supply chain. And we’ve heard about them certainly growing. What is Admiral’s approach to cybersecurity resilience, and how they assess a supplier’s cybersecurity resilience particularly?

Chris McLellan – 00:17:13:

Yes. I mean, cybersecurity is obviously a hot topic for most organizations, not just the financial services industry, because most organizations are so heavily embedded in technology, right? Everybody has a web presence. Everybody is trading on the internet and cyber attacks are on the app. So within the FS sector, there’s a massive gambit. I think operational resilience was based on the cyber aspect, because a lot of the banks and insurers are tech, essentially tech companies, aren’t they? We have a very big tech team. We have dedicated professionals in the cyber and information security areas and the landscape is changing. So some of the tools I mentioned earlier about. Due diligence. Probably, you know, our typical due diligence questionnaire that used to be, you know, 475 questions that Gareth will know a lot about, 220 of those were actually based for information security and cyber. So there’s a massive focus on this area because most of our suppliers in the financial services industry are technology, right? They’re usually software providers, SaaS solution providers, and we bring them on board. So we’ve got a massive risk there bringing them on to the estate. So suppliers are seeing it more and more as a bit of a USP to be signed up to some of these due diligence platforms so that when we come to them, they can say, well, I’m already on this platform or on this platform, you know, so that actually is a really good benefit. It’s a USP for them because they get access to more market share. They only have to fill out the questionnaire once online and then it’s available to all the other customers that we would then go to the platform for. So I think the sort of reticence of suppliers to fill out these things is changing because they’re seeing it. They have to do this as part of their business and they factor it into their business model. And that’s sort of the middle tier, the bigger end with some of the big international players that remain nameless. You know, they’re very, very strong in that area and they won’t fill out individual companies questionnaires. So they’ll just say, look, I’ve got a trust site on my website. It’s got all my due diligence criteria, all my cybersecurity certificates. You know, are they ISO 9001? Are they using NIST? Are they using some of the industry standards, US and EU? And that’s all available. So you just go and shop on there. You can have a look at that and you just tell yourself whether that’s good enough. And, you know, we sometimes have to do that or we might even have to pay the supplier to do that. So it’s a moving feast. The big international software houses are quite difficult to work with. But the mainstay, everyone sees it as competitive advantage. And it now has been falling into business as usual. It’s part and practice of what they do. If they want to compete and they want to win business, that’s what they’ve got to do. So it’s it’s still a massive area of risk. We’ve invested inordinate amounts in teams. But we try to stay on top of it. But hey ho, you can’t you can’t stop a crowd strike issue happening. You know, it can be an innocuous thing. It might not be an attack. It might be an update. So these things are still going to happen. Recently in the press, we had a couple of banking apps go down a few months ago. And again, you know, these things happen, right? But it’s a significant issue for customers because, you know, if you can’t get on your banking app and there’s fines, there’s reputational risks. So yeah, always remains one of the top priorities, really.

Sian Lloyd – 00:20:47:

Yeah, that’s really interesting. And it certainly sounds from what you’re saying, Chris, that perhaps suppliers are being more proactive then in this area rather than sort of seeing it as not such a priority.

Chris McLellan – 00:21:00:

Yes, I think they’ve invested heavily. If they’re in the tech space, they’ve realized that’s part and parcel of being able to compete. It does set them apart from their peers. We would always look for those suppliers who’ve already signed up to some of these platforms because it makes our lives easier. And therefore, it’s a virtuous circle. So it’s a strong, maturing market. But that’s not to say that cyber attacks are always changing, evolving, aren’t they? They’re always moving out. So you’ve always got to try and stay one step ahead of where the next attack is going to come from. So yeah, it’s an interesting subject, especially with the rise of AI. But we’ll probably delve into that in a minute or two.

Gareth Burch – 00:21:44:

Yeah, I suppose the cyber risk threat becomes more of a concern when you start factoring in data and not so much potentially admiral’s data, but admiral’s customers’ data and how that data is shared back down the supply chain for you to deliver your end-to-end service to your customer. But ensuring you’ve got the right level of protection, and you or your supplier have that right level of protection all the way through to secure. And that way, you’re able to, if something were to happen, understand who has what, where is what, and who potentially could be affected. It must be a really difficult task, especially when, as you said, it’s an evolving risk.

Chris McLellan – 00:22:37:

Yeah, no, that’s a really good point. I mean, you’ve got the GDPR regulations and we try to use that in our assessment when we’re onboarding, coming back to the original question. So some of the criteria in that segmentation would be, is that supplier going to be touching customer data? And then it’s the whole raft of, let’s do an impact assessment. Where is that data going to be held, stored? With the public sector hack, it needs to be, say, in a data center within the EU. What are the regulations and laws that apply to that? And how is that data going to be exited on the basis that you might move away from that supplier? So yeah, those controls are all there now. And, you know, we’ve tried to build up a register of that. So if you ask me a question, can I be able to report on that? Then we’ve got that ability now to be able to say, well, these suppliers have all been classified as a minimum of strategic because they’ve got customer data and the risks are so high. So yeah, we look at that. It’s a significant risk and the appetite is low. Most organizations would have a low approach to that because, you know, the impacts could be massive if there was a personal data leak and it came back to the customer, IES. So yeah, it’s a big area of concern for us and we think we’ve got, you know, a good level of control in that area.

Sian Lloyd – 00:23:58:

That’s great to hear, Chris. And let’s perhaps look at another risk now. And I’m conscious when we’re talking, you know, we talk about risks in the podcast, but also what we’re really covering here are the solutions and the positives and what’s being done around these risks, which is really what Powering Procurement Podcast is all about. You know, we’re really solutions based here. So it’s great to hear the solutions that you have there, Admiral. But I’ll move US on to geopolitical events and the impact really of global uncertainty on procurement, which, you know, is something that is cropping up, seems, on a daily basis. So how would you say that you anticipate and mitigate these particular risks from global disruptions? It would be great to hear your point on that.

Chris McLellan – 00:24:45:

It’s so interesting at the moment because there is so much movement on the geopolitical landscape and stage, right? So, you know, we won’t go into politics, but, you know, the Trumpism effect is clearly something that we have to watch. Trade tariffs we’ve seen over a number of years in various guises. And probably in the FS sector, it’s still a massive risk, right? You know, because input prices will move globally, so that will affect IT hardware and stuff. But we’re not a manufacturer, right? So it’s not probably as prevalent as it used to be for me if I’d been working in other jobs in the manufacturing sector and the impact to tariffs on steel and raw materials, etc. But obviously, you have to be cognizant of that and you have to look at sort of strategies to appreciate that. So, again, coming back to something which is an evolving piece, which is the use of AI to do sort of data scrapes, to look at supply markets and to look at alternative sources. Because a lot of procurement professionals would generally go with single source supply strategies. And now we’re having to look at dual sourcing or supply diversification, where you would look at supplies from maybe other regions of the world where those tariffs may not exist. That creates time. It does create complexity and it does add cost. Because invariably, you know, you might be able to secure not as effective cost leverage when you’re watering down your volume, right? And countering to that, though, we do look at developing strategic partnerships, developing real sort of, and, you know, it’s not to coin the cheesy phrase, win-win approaches, but looking for those suppliers who see you as a customer of choice and they want to supply you. So, really becoming appealing and it is about brand reputation. You know, we are the only FTSE in Wales and we’re one of the leading insurers in the UK. So, a lot of suppliers really want to trade with us and supply us. So, that’s another added bonus or a lever we can deploy. But it is constantly watching the landscape. Whilst you’ve got the geopolitical stuff going on, you’ve got the reg landscape evolving to try and make those controls. We use software, you know, like I’ve said previously, and those tools out there to sort of look at, you know, suppliers from a financial standing point of view. Have they got any sanctions, you know, especially when the Russia-Ukraine conflict started? And then we look at those politically exposed persons that might be linked to those suppliers as well. And, you know, data again, it all comes back to data and the availability of these platforms to provide you that insight so that you know where your suppliers might be effective or if their parent company might be effective, whether it is, you know, it’s reputationally a risk to do business with that supplier. So, those are sort of generally the tools that we deploy. But it is an ever-evolving risk and it’s something that’s obviously ramping up more than it ever has been. So, we’re in a very heightened state of sort of awareness.

Gareth Burch – 00:28:01:

Thinking on that, sorry. A bit slow then. So we’re thinking about that. It’s quite interesting. So obviously the peps and sanctions element is such a critical undertaking. I… And I remember the start of my career within financial services, it was referenced. It wasn’t deemed as a significant risk. It’s obviously progressed massively, mainly down to, uh, the Ukraine-Russia situation. But then I suppose, the Ukraine-Russia conflict, did that drive risk impacts to Admiral in regards to more your claims supply chain? So where a lot of raw materials are manufactured there. Or sorry, raw materials were mined there. Exported into Europe, I assume. Converted to a catalyst, uh, converters, uh, probably converted, converted, probably not the right, uh, thing there. Um, and then shipped to the UK. Um, I remember, there was a big insurance, uh, theft. 10 years ago, roughly, around catalyst converters because of the raw materials. Now, all of a sudden, your raw materials aren’t available. And then that supply chain disruption would then flow into your world, I’m assuming. And then you’re also balancing risk with this potentially significant cost increase, which not only affects your end customer, but then also affects your expense ratio.

Chris McLellan – 00:29:55:

Yeah, 100%. And these are the risks that now are playing out. So, you know, it’s about looking at alternative sources of supply. But where it’s raw materials and it’s raw minerals, as we well know what’s in the press there, then, you know, it is what it is. And we’re quite stuck, right? So that price variability and that fluctuation is going to be something that businesses in general, where those things will happen. So whether it’s the whole supply chain, right? So it’s the catalytic converter manufacturers, the OEM car parts providers. It’s the distribution. It’s the cost of the car to the consumer. And then it’s the insurer for the replacement in an accident situation or repair situation. And then we got a similar thing on the housing side because of, you know, things like solar panels. So we’ve been looking at those type of things from an ESG perspective to say, look, you know, is there a risk of modern slavery? These minerals being mined, you know, and you’ve heard the stories about, you know, how those things are coming out of the ground. But now it’s actually about availability. So it’s a dual side. It’s the price point risk as well as the ESG balance act as well. So, yeah, it’s a really difficult time. You know, you’ve got the sort of chip walls going on in terms of computer chips. And that impacts a lot with the rise of AI in the data centers and NVIDIA, you know, in production. So that’s going to be something that we’re going to watch closely because, obviously we’re all using, you know, data warehouses to mine the data. And we’re a massive buyer of IT tech. So that could be a risk input for us as well. So there are a lot of cost drivers, as you’ve just highlighted, that, you know, are pinch points for us that we have to maintain visibility over.

Sian Lloyd – 00:31:43:

And perhaps a wider thought and drawing some of those strands together, Chris, you know, global trade policies we’ve just been talking about. Obviously, Brexit regulations came in, ESG compliance, you’ve just been touching on that. You know, is it fair to say really that these things are reshaping procurement landscapes even?

Chris McLellan – 00:32:04:

Yeah, no, it’s a really fair point, Sian. I think that awareness is now starting to hit home that maybe, you know, firms are either going to invest a bit more into their procurement teams and whether that’s like in a risk professional environment or in the procurement team or in a resilience perspective to actually have some people on point for this type of stuff to actually full-time looking at the landscape, the resilience piece, you know, looking at exchange rate variance, you know, to need to start buying and hedging on our currencies to offset those risks as well. And I’ve done these things in various roles over the years, but I think now more than ever, it’s a time that this stuff has to be consolidated as a sort of in a single area to be looking at these points just to give the business a bit more visibility and the use of technology. I think Gartner calls these impacts Black Swan Events where suddenly it just happens and how prepared are you for them? And, um, I think it can, can now become another, uh, tool in the, in, in the toolkit that we have to be on point for, um, because, um, it’s, it’s going to increase, right? And it looks like it could get, um, a bit worse before if we go into a full trade war, that’s going to be very, very difficult, uh, for the next couple of years we see with input prices rising.

Gareth Burch – 00:33:24:

And I suppose when we, when we consider that, Admiral is a global company. What would that impact be to you? Because obviously you are more than one location. And that impact must be different to other procurement professionals, what they’re facing today.

Chris McLellan – 00:33:48:

Yeah, no, it’s a really good point. I think that’s part of the debate, right? And it’s about actually getting our hands around it as an international firm and working with my other peers in Europe. We’ve got a very small operation in India that does it support services for the UK arm. We’ve got an operation in the US and in Canada. And just staying. And it’s, again, that use of data, being able to say, right, okay, what are we spending? Where are we spending it? Do we have that MI coming into the group center? Can we look at those leverage deals? Can we look at those economies of scale? Where are they getting better? Have they got supply chain resilience issues in Europe? And looking at trying to take a more holistic view from the top down. And that’s one way of mitigating the risk, right, before it happens, we find one entity in Europe has just suddenly had a supply failure. And they’ve fallen over, right? That can’t happen, right? So it’s about risk teams working closer together in this industry. Sorry. We have three lines of risk. So your first line, which is generally your business area. Your second line, which is sort of at the group. And then third line is audit, right? Audit comes in, taps you on the shoulder and says, have you done it? Have you followed your process? So it’s about the first and second line risk teams working really closely together and across European boundaries to ensure that. And then we get communication with our peers in Europe. And we are sharing more data. But it is about working closely together. And I think that’s really a key for any international firm is closer collaboration.

Sian Lloyd – 00:35:27:

We’re hearing a lot, Chris, you know, about the planning. We’re hearing about the use of data and, you know, strategies in place. I suppose sometimes supplier failures do happen, don’t they? And perhaps this is an area we can just spend a little bit of time exploring with you because it would be great to get your insight and your experience as well here. How do you approach, well, to start off with a contingency planning for the critical suppliers who don’t meet expectations? And I suppose here it’s a little bit more about those sourcing strategies. You know, what have you found the most effective in mitigating supplier risk?

Chris McLellan – 00:36:08:

Yeah, sure. It’s a really good question. I mean, ultimately, the regulations help support us in this area. So the operational resilience regulations in the Financial Conduct Authority for the UKFS sector are really strict on this. So they’ll look at it from the perspective of, do firms like ours have that business continuity plan in place? Have they spoken to their critical and strategic suppliers and have they said, right, as part of the onboarding process, we need to have your BCP plan. Now, that’s not just their corporate BCP plan of what happens if they fall over, but that’s a BCP plan that’s dedicated to your supply service. So what are you buying from them? And that is dedicated. So we have those plans. We review them. Are they robust enough? Do they meet the level of control if that supplier was to fail? And then we have the alternative or supplementary was if that supplier was to fail, do we have an exit plan? So what’s the plan B? What is that? And we call that exit plan a stressed exit. So you can have a planned exit, which is just you’re finishing the end of the term, that contract, you’re moving on to a new supplier, or you have the stressed exit, which is the one everyone worries about, which is that supplier’s gone pop, it’s fallen over, something’s happened. It could be an IT outage, it could be a financial failure or something you didn’t plan for. And those stress exit testing is a new area. It’s a very, very evolving area. These regs have only come into play in the UK since 2022. So this is an area where we’re finding that we work with colleagues in our operational resilience team, the risks team and the procurement team, and we review these plans with the client who’s using the service to ensure that, okay, is that workable? And if that stress exit test says, right, we need an alternative supply, have we got another supplier teed up and ready? And this is where it’s a new area because we’re going out to suppliers now to say, well, actually, you might not have this contract currently. But there’s a business opportunity down the line that maybe you might be able to take on this supply if we had a failure. And it’s almost like having a bit of contingency in your supply chain. And they may well not have priced it up yet because, you know, currently you’re not going to get that business, Mr. Supplier. But you might. And it’s just having those conversations teed up and ready so that you can switch. And switching costs are very high in some industries and in some markets, especially in the FS with IT, as Gareth will know. And you can’t just switch overnight, right? This could take six months. So you’ve got to have some tolerance levels that are set appropriately. And some outages you could mitigate within, you know, 24, 48 hours. Some will take you six months. Some might even take longer. So it’s having those appropriate levels of controls in place against those particular suppliers so that if they did fall over, you can at least then enact your recovery plan.

Gareth Burch – 00:39:04:

No, I think you’re right there, Chris. One of the things I slightly struggled with when in financial services was when you start looking at the contingency planning. From a cost perspective, you can’t have two different solutions running in parallel with more of an active-active or a hot-hot sync. The cost to deliver that is… Insane and you’re then coming down to we have to accept the risk or and what that risk looks like because when you’re under the cost pressure microscope, How do you justify it? And if you’re then using, especially in today’s world, a true cloud solution, which should have sufficient failovers in place. Is that enough for the contingency plan? And these are some of the areas I kind of struggled with, particularly on financial services. But then even to the point with categories planning and understanding the categories, how many suppliers or contracts under each category. They’re not easily transferable and if you do have a supplier who performs a certain service and if I pick on in your insurance world and windscreen Windshield Repairs there is one very very leading name in that space won’t they names as well but it’s one they dominate the market they’ve acquired competitors they’ve had significant growth How do you put a contingency plan in for all your competitors using the same provider? And something goes wrong.

Chris McLellan – 00:41:02:

Absolutely. Absolutely. I think it’s a practical approach because the regulators sometimes maybe don’t see that in the real world, it might be a vertical supply. And how do we move away from it? And you’re right. You’ve got to leverage your cost strategy. Are you a volume user? Have you got that reputational aspect they want to trade with you? You’re a customer of choice. And it’s those type of deployment of those strategies to mitigate when the market’s vertical, right? You’re pretty much stuck. You can’t go anywhere else. And that is an issue. And that is an issue. But coming back to Sian’s point, it is an issue that I don’t think businesses at the moment are prepared to balance cost versus supply resilience. Because, you know, we might need to add more people into the team to constantly. We can’t dual run supply, as you just mentioned, right? So, it’s about that fact of do we trade off and pay a bit more to maybe have two suppliers in that arena, at least active? Or do we invest in new technologies? And there’s even been talk about vertical integration with some FS firms now are looking at. And the regulation does stipulate. Are you in a position to buy into that failed supplier? And that’s a whole new area. And it comes at a significant cost impact if there was a failure. So, it would prop up certain areas of the industry if that was to happen. So, I think it’s an evolving piece because, obviously, cost efficiency is still a major driver for most industries. And it is at the concept of balancing the two.

Sian Lloyd – 00:42:46:

Absolutely great to have both of your insights on this. And I think we’ve really covered an awful lot of ground in this short podcast. I feel we’ve certainly got around to the corners of procurement here. So this is leading US to our last question, Chris, which we do ask all of our guests. And really because The Powering Procurement Podcast is all about shining a light on the profession and, you know, recognizing like lots of different industries and sectors it faces certain challenges around recruitment and attention. So for perhaps younger people who are thinking about where their futures are going to lie, why are you happy that you did choose procurement?

Chris McLellan – 00:43:25:

Thanks for that, Sian. It’s a brilliant question. For me, it’s the ever-evolving change. You never know what you’re going to be faced with on a daily basis. No two days are the same. The fact that procurement is a people-centered role, you are talking to stakeholders at all levels within the business. It is recognized as a significant value adder. So it does now have a seat at the table in most organizations. There’s a great career pathway in that. The profession is recognized. We have a Chartered Institute Procurement Supply that I’m a member of and I’ve studied for, and there’s a massive career pathway towards it. And I had to mention it, with the rise of AI, don’t be afraid of it. It’s going to be an enabler. It’s going to make procurement professionals’ jobs more streamlined. We’re going to have more data than we’ve ever had, and they’re still going to require a human element in the negotiation, because I don’t suppose we’ll be negotiating with bots anytime soon. So I think it’s a really good profession to get into, because it’s got a lot of career opportunity for most individuals.

Sian Lloyd – 00:44:33:

That’s brilliant. Thank you so much, Chris, for sharing your story with us. What Admiral is doing in this space at the moment. It’s been fantastic chatting with you.

Chris McLellan – 00:44:43:

Thanks very much.

Gareth Burch – 00:44:44:

Thank you, Chris. Cheers.

Sian Lloyd – 00:44:47:

This brings us to the end of series one of The Powering Procurement Podcast. And personally, it’s been absolutely fascinating being your host. I’ve learned so much, a real eye-opener into a new sector for me.

Gareth Burch – 00:45:01:

We’ve had some great guests on the podcast with some incredible experiences. And I think you’d agree with that, Sian. And I’m hoping our listeners learn and can take away. Key information to help them progress in their career. A key trend as well is procurement has found people, people haven’t sought after it, which is the same for me. And hopefully it educates people on the profession.

Sian Lloyd – 00:45:29:

And you can keep in touch by following Atamis on LinkedIn. We’ll see you for Series 2.

Gareth Burch – 00:45:38:

That wraps up this episode of Powering Procurement. We hope you enjoyed that as much as we did.

Outro – 00:45:44:

Visit our website at atamis.co.uk or follow us on LinkedIn to continue the conversation. Remember to subscribe on YouTube and follow us on Spotify, Apple Podcasts, or wherever you choose to listen. Thanks for joining us and see you next time on Powering Procurement. 

Outro Ad – 00:46:02:

The Powering Procurement Podcast is brought to you by Atamis, sourced to contract software designed to save you time and money. Choose the apps you need from pipeline and tender management to supplier and contract management. Get the tools to power up your procurement. Visit atamis.co.uk to learn more.