Innovation, sales growth, increased throughput -- there are many issues that stimulate thought and discussion in the food industry.
Then there’s risk management.
An essential part of the tool kit of military planners and financial managers, the identification and quantification of risk is gradually spreading to the day-to-day operations of North American food manufacturers. In a very real sense, the FDA's Food Safety Modernization Act codifies the assessment and management of the risks of contamination in human consumables and extends responsibility for checks, controls and verification throughout the organization.
While a wide range of employees is involved in monitoring safety risks, the broader need to identify and assess events that could upset operations remains a responsibility of top management. In a veiled reference to the existential poet D.H. Rumsfeld, Moss Adams LLP’s Shirley Komoto advises food processors to “push thinking beyond the ‘known knowns’ and improve the quality of thinking in your risk assessment.”
As senior manager in the public accounting firm’s Irvine, Calif., office, Komoto has orchestrated numerous enterprise-wide risk assessments for senior management and governing boards at middle-market food companies.
Essentially, the process entails four steps: identification, analysis, response and monitoring of risks and opportunities. Depending on an organization’s appetite for risk, the assessment can result in forceful action, as demonstrated by the food industry’s response to food safety risks, or no action at all, a known unknown response. “If you accept a risk, at least monitor it,” Komoto advises.
Heavy reliance on one supplier or one customer constitutes a risk, which is why publicly traded food companies routinely disclose their percentage of sales to Walmart. “It’s definitely included in the risk assessment of all my clients,” she says. “You can’t rely on them, you have to continue to find new customers who feel they are just as important to you as Walmart.”
A number of methods can be applied to the assessment process, from brainstorming to scenario analysis and the Delphi method, but it all begins at the top. “The longer you ruminate, the longer the list gets,” acknowledges Komoto, but that’s simply good due diligence.
[pullquote]
Spreading an identified risk is a growing trend, and food companies are beginning to follow the lead of the automotive industry when it comes to product recalls. If a $5 part triggers a recall for an engine, some automakers’ supply chain contracts stipulate that the parts supplier is liable for the gross cost, according to Ian Harrison, global practice leader for product recall and brand protection at Lockton Cos. LLC, a London-based insurance underwriter.
Liability policies rarely if ever cover those costs, and the claims can be staggering: Fonterra, a New Zealand dairy supplier, faces a $270 million compensation claim from the Danone Group in France stemming from a 2013 recall that “turned out to be a false alarm,” Harrison told the American Society of Baking at March’s Bake-Tech 2014 conference in Chicago. The incident also resulted in a temporary ban on exports to six countries, including China, Fonterra’s largest customer.
Ingredient suppliers in particular face high risks in today’s business environment. Even the materials used by packaging firms are being scrutinized, as in the case of the March 4 recall of 12,000 cases of Plum Organics pouched baby food. The Campbell Soup Co. subsidiary ordered the recall after receiving 14 consumer complaints about frayed spout fitments that could pose a choking hazard.
U.S. retailers have shown restraint in imposing punitive financial penalties on private label suppliers, but that could change. Four retailers control 80 percent of the grocery market in the U.K., “and they have always been very protective of their own-label products,” observes Harrison. Cost-plus penalties for suppliers who produce foods that later are recalled has resulted in divestitures and loss of ownership of several food firms, he adds.
Citing a Tyco report, he says the average U.S. food recall costs companies $10 million in direct costs. With the number and scope of recalls increasing, those costs are trending upwards. Harrison has firsthand knowledge of seven recalls in Canada and the U.S. with losses totaling $30-130 million.
Litigation motivation
Iron-clad supplier contracts are an impetus for more rigorous risk assessments, but the threat of litigation may be a bigger one. While some risk specialists downplay the significance of isolated incidents of worker injury, others point to those events as an example of the trade-offs between prudent management and affordable actions.
Mike DeRosier is a machine safety specialist with AH&T Insurance (www.ahtins.com), Leesburg, Va., who reviews OEM equipment and validates its compliance with domestic and international standards. Workers compensation is basically no-fault insurance that shields an employer from liability claims by the injured party. That is beginning to change, however. In the meantime, OEMs rely on safety standard validation to demonstrate they were reasonably prudent when designing and installing guarding, according to DeRosier, director of safety in the manufacturing division of AH&T.
“There is no zero risk,” he emphasizes. “You can only reduce the potential to a tolerable risk.” Industry standards are essential guides for OEMs in drawing a line between what is feasible and prudent and steps that would increase prices to a noncompetitive level.
In the event a machine guard is removed or fails to protect the operator, proof of safety standard compliance is the first line of defense. Plaintiff’s attorneys “never go away; they’re going to find something to hang their hat on, but at least you have a defense,” he says.
Unlike the European Union, where a wealth of machine standards can be referenced, the U.S. has many gaps in safety standards, and OEMs must default to general or approximate guidelines. The bakery segment is addressing this with the Z50 Safety & Sanitation Committee, which currently is addressing sanitary design aspects to help wholesale bakers comply with the Food Safety Modernization Act.
DeRosier is one of 45 end users, suppliers and interested parties who are shaping the ANSI Z50.1 and Z50.2-2003 standards, which would supplant the long-standing BISQ standard, widely viewed as inadequate in the baking community.
Many of the new and revised standards are incorporating a risk-assessment requirement, DeRosier notes. An example is B155.1, which was created by the Packaging Machinery Manufacturers Institute in 2006. Like processing equipment, packaging machines typically undergo several modifications by multiple owners during their useful life, and B155.1 puts the onus to conduct a risk assessment on end users and, to some extent, on machine operators.
Certifications and policy procedures are not the end points, Komoto emphasizes. Monitoring and modifying the action plan also must be done. “When you can say ‘We’re doing enough and are confident,’ you then have to ask, ‘Are we executing the process?’ ” she says.
One client instituted drug tests and background checks for new hires, but when her firm audited the process, it found that the farther a facility was from headquarters, the less likely it complied with the policy. “Successful companies are constantly monitoring their processes and procedures,” she says.
Poor process control doesn’t necessarily pose financial or human health dangers. Komoto recalls the manufacturer of protein bars that maintained an inventory of regular and organic almonds and walnuts. After a routine internal audit, the firm discovered only regular almonds were used in one day’s production, despite a work schedule that called for organic and walnut recipes. To prevent a repeat, a visual factory system was adopted, along with training that required minimal spending. “They were having recalls, and they were able to show that this stopped recalls,” she concluded.
Besides financial and regulatory risks, food manufacturers must deal with operating risks. “It all boils down to the quality controls they have in place, the checks and balances of the raw materials,” suggests Karl Ederle, vice president-product management at Plex Systems (www.plex.com), Troy, Mich.
Conducting quality checks from the time raw materials are received through each stage of production and to final product generates considerable amounts of data, particularly for checks done in line. The sheer volume and the need to organize and retrieve it quickly is a data management challenge.
“ERP systems are designed to capture not only financial information but also what is happening on the floor,” says Ederle. Effective cost accounting requires inputs on labor, equipment depreciation, maintenance and other variables, and storing that information in an ERP database addresses operating, financial and regulatory risks.
Whether a machine failure or product defect occurs, finger-pointing and blame-shifting is likely to occur. The deadly Listeria outbreak tied to cantaloupes from Jensen Farms in 2011 is a case in point. Within a week of the owners’ guilty pleas to six counts of introducing adulterated food into interstate commerce, they filed suit against the food safety auditors that gave them a superior rating, accusing them of negligence. Regardless of the suit’s outcome, the case serves notice to third party auditors of the risk inherent in endorsing a processor’s food safety defenses.
From a risk management perspective, that’s a good thing, suggests Lockton’s Harrison. Citing the Global Food Safety Initiative standards, Harrison says critical reviews are an element of risk management. “Manufacturers are being audited more thoroughly, and the auditors are being far more rigorous and critical than they used to be,” he says.
Fresh meat is a high-risk product, and the frequency of public health events and large-scale recalls has driven about two-thirds of meat suppliers to secure recall insurance, Harrison estimates. The ratio in other food categories is considerably lower and, assuming adequate systems to narrow the scope and frequency of events are put in place, are likely to remain low.
Insurance is only one tool for controlling risk. Well-managed firms have other options for reducing threats to business viability.