Ethicast Episodes

11 Supply Chain Due Diligence Best Practices

So what does a good supply chain due diligence program look like? Here’s another tip: It has eleven interrelated categories. To understand residual risk, you need to understand your maturity and that of your key suppliers in each category.

1. Supply Chain Mapping: The first step in establishing a supply chain due diligence program is to identify and map the organization’s supply chain partners, looking at who provides services or materials and where they are located. 
2.  Risk Assessment: An effective program is risk-based. It is important to have a process for evaluating the likelihood and potential impact of supply chain risks and prioritize them across the environmental and human rights spectrum.
3. Strategy & Goals: Supply chain due diligence should be aligned with the overall business strategy and ESG goals. The due diligence process should provide data needed for tracking progress and public reporting.
4. Policies, Procedures & Records: The due diligence program should be defined in a reasonable number of policies and procedures, shaped by the risk assessment and the relevant laws.
5. Responsible Supply Chain Engagement: ESG expectations should be communicated to suppliers frequently and through a Supplier Code of Conduct. A process should exist for vetting, approving, and onboarding new suppliers, along with considerations for disengaging from a supplier when necessary.
6. Governance and Oversight: Senior leadership’s level of involvement is important in embedding responsible supply chain engagement practices and mitigating potential supply chain risks. Part of an effective program is having trusted grievance reporting channels for employees, suppliers, and other stakeholders to access.
7. Training & Communication: Effective training and communication is critical to building awareness of the ESG expectations and gaining commitment internally and with suppliers. You should also communicate information on the actions to take to meet legal requirements. 
8. Monitoring: An ongoing process is needed for assessing the supplier’s ability to adhere to the supply chain due diligence expectations for mitigating potential risks. 
9. Corrective Action & Collaborative Remediation: Define the corrective actions required of suppliers or to be conducted in collaboration with suppliers. This includes assessing the roles and responsibilities in the remediation efforts, as well as assessing the effectiveness of remediation efforts. 
10. Stakeholder Engagement: Engage with external stakeholders (including workers of suppliers) to establish and monitor the ongoing effectiveness of the supply chain due diligence strategy and related goals. This includes how the organization considers the potential impacts its supply chain has on the communities of its suppliers.
11. Reporting & Disclosure: Reporting is a critical requirement in meeting the supply chain due diligence regulations. There should be a process in place for assessing the reliability of the data being collected from suppliers and third parties (e.g., audit firms, consultants) and for determining the appropriate level of transparency and disclosure. 

Understanding your current level of maturity is a critical step to prioritizing where to focus efforts and proceed efficiently. Just as you need to prioritize where to go in-depth with your suppliers, you need to prioritize which elements of your supply chain due diligence program to focus on. You can’t work on everything at once. You need to measure so you know where to improve.

To make it practical, it takes a combination of technology and human expertise to understand and make decisions effectively and efficiently. This will require new internal collaborations and new collaborations with your key suppliers.

For these collaborations to be effective, the parties must commit to a common goal and move beyond sharing transactional data to trading strategic data. They must also establish a common language and shared performance metrics.

Scaling Supply Chain Risk Management

We know that the plethora of supply chain risk, due diligence, and reporting legislations can be overwhelming and managing and mitigating environmental and social risks in your supply chain can be complicated. A well-structured supply chain due diligence program requires time, analytics, and subject matter expertise.

We believe that the structured, systemic, collaborative measure and improve approach based on the OECD Due Diligence Guidance For Responsible Business Conduct framework is the reasonable way to improve your supply chain risk performances scalably.

To learn more about how Ethisphere can help improve your supply chain due diligence program and systematically and practically understand your current suppliers, and their inherent and residual risk, explore these resources:

• Podcast: How to Prioritize Your Supply Chain Risk
• Podcast: Understanding New Supply Chain Regulations
• Podcast: Managing Due Diligence and Supply Chain Relationships