This article was originally published on the Compliance Kristy blog.
Supply chain risk is everywhere. It comes into focus with nearly every new compliance scandal. Issues with modern slavery, cybersecurity, geopolitical instability, boycotts, sanctions…the list goes on and on.
We who work in compliance have a lot to deal with, especially as new disclosure laws come into place. More and more of our clients at Spark Compliance are dealing with collecting information on their supply chain to comply with laws like the EU’s Corporate Sustainability Reporting Directive.
But it’s not just the laws wreaking havoc. It’s also consumer expectations for transparency in the supply chain, as well as the need for business continuity and resiliency if part of the supply chain falls over.
If you’re new to supply chain risk management or you’re curious to know if you’ve contemplated all the major compliance-related risks, here is a brief (but not exhaustive) rundown of the types of risks you should be considering.
Human rights and modern slavery
Forced labor
Forced labor exists when workers are coerced into working for free or for very low wages. This includes prison labor and people in debt bondage who are trying to pay back travel or boarding fees that can never be paid with the wages given.
Child labor
Child labor is usually defined by the laws of the land in which the labor force operates. However, many companies maintain a minimum age requirement regardless of the laws of the country (frequently age 15 or 16, with 18 as a minimum for hazardous jobs).
Unsafe working conditions
Unsafe working conditions are just that – unsafe. That may mean a lack of personal protective equipment or using machinery that has not been installed with concern for worker safety.
Discriminatory practices
Many companies are concerned with discriminatory practices, such as excluding women, people of certain ethnicities, or religions from participating in the workforce.
Environmental risks including…
Deforestation
The agricultural industry tends to be the biggest offender in deforestation, as well as cattle grazing, mining, and paper milling.
Carbon footprint and pollution – including Scope 1, 2 and 3 emissions
Most of the supply chain laws require aggregation of information about the carbon footprint of their own company, as well as the energy the company uses, and that of their third-parties (Scope 1, 2 and 3). Companies should also be focused on avoiding polluting the environment.
Waste management
Waste management and proper disposal of chemicals is critically important, especially when it comes to waterways and oceans.
Resource depletion
Resource depletion can lead to animal, insect, and plant extinction, as well as the destruction of communities relying on resources. Responsible resource use is critical for supply chain management.
Sustainability
Ethical sourcing
Ethical sourcing is not only a key responsibility of ethical companies, it can also be a major selling point for consumers.
Product lifecycle management
Supply chain watchers should make sure that the entire product lifecycle is managed appropriately. This typically includes recycling and re-selling of waste where possible for other uses.
Risk management (supply chain resiliency)
Ensuring a stable supply chain is paramount to production. Key components should have redundancies identified in case a major supplier goes out of business or is otherwise unable to deliver necessities.
Conflict minerals
Many companies have to report on conflict minerals within their supply chain. Conflict minerals are specifically enumerated in law. They come from regions with war or human rights concerns.
The hard to predict…
Geopolitical instability
Countries currently at war or on the brink of war create major challenges. They often lead to sanctions by one or more countries, and sometimes those sanctions compete, leaving multi-national companies in untenable circumstances. Obtaining product components from places subject to sanctions is risky business.
Natural disasters
It’s difficult, if not impossible, to predict natural disasters. However, some regions are prone to earthquakes, hurricanes, or fires. If your suppliers are in such areas, it’s a good idea to ensure they have good resiliency and business continuity measures in place.
Cybersecurity breaches
The phrase “there are two kinds of companies. Those that have been hacked and those that don’t know they’ve been hacked” is a trope for a reason. Cybersecurity is a top-of-mind issue and concern for companies. Any company with access to your company’s systems or data should be thoroughly vetted.
Economic downturns
Economic downturns can be problematic, especially if they cause the constriction of an industry necessary to supply goods and services to your company. If key suppliers go out of business in an economic downturn, that can cause big problems.
As you can see…
As you can see, there are many reasons to stay awake at night when it comes to supply chain management.
How do you handle all these challenges? As usual, the answer is taking a risk-based approach, focusing your due diligence on the highest-risk suppliers and those most important to the company.
Want more information on exactly how to manage these risks? Of course you do! Join me on September 19th at the NAVEX Next virtual conference where I will be performing a session called, “Behind the Label: Ensuring Human Rights in Your Supply Chain.” My co-host Michael Olver and I will be focused on what to look out for and how to manage supply chain risk.
Join us by signing up below!