Procurement risk is often treated as an onboarding hurdle, yet that is precisely where many organisations go wrong. The real exposure usually appears later, when a supplier’s insurance has expired, a licence is no longer valid or a poorly performing subcontractor is quietly brought back into the fold because no one recorded what happened last time. Felix says the answer is to manage risk as a continuing discipline across the supplier relationship, not as a one-off approval step.
...Continue Reading This Article
Enjoy this article as well as all of our content, including reports, news, tips and more.
By registering or signing into your SRM Today account, you agree to SRM Today's Terms of Use and consent to the processing of your personal information as described in our Privacy Policy.
That approach reflects a broader shift in procurement itself. Rather than functioning as a purely cost-driven back office activity, procurement is increasingly expected to support value creation across the wider supplier network. That makes risk management a relationship issue as much as a compliance one, with controls needed before work begins, while it is under way and when the contract ends.
The types of risk are familiar. Compliance failures can involve safety, environmental, social and governance obligations, modern slavery requirements or sector-specific licensing. Financial weakness may show up as insolvency, fraud or unstable pricing. Operational risk covers missed deadlines, quality problems, capacity constraints and opaque subcontractor chains. Reputational damage can follow when a supplier’s conduct reflects badly on the hiring organisation. In practice, these categories often overlap, with financial pressure leading to corner-cutting and operational problems creating reputational fallout.
Felix’s guidance is to recognise that supplier management should move through the full lifecycle. The first stage is planning, when procurement teams decide which evidence they will require and which suppliers need deeper scrutiny. A low-risk service provider should not be assessed in the same way as a high-risk specialist contractor. Using a risk-and-value matrix allows teams to match the level of due diligence to the likely exposure.
The next stage is prequalification, when documents are gathered, approvals are completed and information is stored in a way the wider business can access. According to Felix, vendors register once and, after approval, can be engaged across multiple projects. Questionnaires can also be adjusted to suit the project or risk profile, with routine approvals automated and higher-risk cases escalated to the appropriate reviewer.
Sourcing then becomes more reliable when comparable suppliers are judged against the same criteria. That consistency makes decisions easier to defend and creates a record that can be reused later. Capability checks, Felix argues, should sit alongside commercial evaluation rather than follow it. A lower price is not a genuine saving if the supplier later creates delay, non-compliance or rework.
During delivery, the focus shifts to whether the original assumptions still hold true. Certificates lapse, licences expire and service levels change. This is where manual systems tend to fail, because spreadsheets do not chase deadlines and inboxes do not track evolving performance. Felix’s model places ongoing compliance and performance monitoring into the same workflow as the original approval, so issues can be identified before they become incidents.
At contract closeout, or even mid-engagement, review becomes the final piece of the loop. Performance scores and evaluation notes should be retained against the supplier record so they shape future decisions. Without that memory, procurement teams are forced to assess the same vendor from scratch each time, even where there is already a history of poor delivery or strong performance.
The company’s argument is that scalability depends on removing the manual burden. A central source of truth for supplier data, compliance documents, contract dates and performance history is essential. So too is vendor self-service, which shifts responsibility for updating records to the party that owns the information. Felix also points to integration with existing systems, including ERP, finance and business intelligence tools, so that supplier records remain current rather than fragmented across disconnected platforms.
For capital-intensive sectors such as construction, infrastructure, mining, utilities and property, Felix positions its Vendor Management module as the core of that process, with prequalification, compliance tracking and performance evaluation supported by additional sourcing, scheduling and contract tools. The broader point, however, is less about software than governance: procurement risk management works best when it is continuous, proportionate and shared across the business.
The test is simple. If an auditor asked for evidence on your top suppliers, or if a key contractor’s credentials changed overnight, would the business know in time? If the answer relies on email chains, spreadsheets or guesswork, the organisation has already discovered the weakness in its current approach.
Source: Noah Wire Services



