risk-assessment-standards

Is Your Supplier Compliance Program A Joke?

supplier-compliance-audits“You know those supplier audits are a joke,” Sammy told me earlier this year, over our second bottle of Taiwan Beer and a bowl of meatball dumplings in a Taipei hole in the wall. “We know when they are coming, and we make sure everything is ready for the audit. And others simply bribe the low-paid auditors.”

Sammy would know. I have known Sammy since 1984, when my first job after receiving my MBA frequently brought me to Asia to develop and source products. Sammy has been selling into the U.S. since the early 1980s from his base in Taiwan, and currently works with a company on “the Mainland”—People’s Republic of China—selling products to European and American firms big and small, including “three of the biggest four retailers in the U.S.”

“If those companies were really serious about our practices, they would do surprise audits. Perhaps then they would find some people who had not rehearsed, or some minor safety violations.” This confirmed a suspicion I developed years ago when talking with one of the auditors from a “Big Four” retailer who bemoaned his inability to do surprise audits.

But Sammy pointed out a more challenging problem. “The fact is our factories are pretty good. They are fairly clean and safe. We don’t employ children or prisoners. But a good share of what we sell—and the majority of what some of our competitors sell—is not made in the factories that auditors visit. Much of it is not made in factories at all. There is still a lot of cottage and home production, and our customers don’t know anything about the way that product is made.” Sammy shook his head in amazement. “If companies looked at the volumes they are buying and compared them to the capacity of the factory, they would know that much of the product was made elsewhere. But they don’t do this.”

Monitoring supply chains is hard. I recognize that. There are legitimate questions about how far up the supply chain should one audit or monitor, and what one should monitor for. But Sammy raises important questions. If retailers (or their agents) are going to audit suppliers, shouldn’t the right to conduct surprise audits be part of the process? Shouldn’t auditors be trained to look at capacity issues as well so that they can understand whether there may be other manufacturer sources?

Those are questions which, to me, have easy answers. But there are other questions that are much harder to address. How do companies make sure that auditors are compensated well enough so that they will be less susceptible to bribery? And are we monitoring for the right things? For example, what if a retailer finds that home workers make some of the Christmas ornaments they sell? These home workers don’t have the facilities that a factory does. And the children in a family may assist their parents in making or packaging these ornaments. Is this unethical?

Sammy’s biggest complaint was more pedestrian. “We spend a lot of time and money preparing for these audits. And we understand some of it—like it would be bad if people died in an unsafe factory making things for a big American retailer. But our biggest problem with the audits is the amount of hours worked by our employees. And if our employees want to make more money, and we want to pay them more, and the government doesn’t seem to care, why should American retailers?”

I believe all this argues for a robust implementation of what I call the “3G” of supplier monitoring. The first generation: “Will they deliver what we ask for?” The second generation was/is auditing/monitoring/certification. The third generation is a more thoughtful and systematic risk and reputation based monitoring of suppliers and other third parties. (See this link at Global Compliance for one such effort.) And as for 4G? Send me your thoughts or leave a comment below. Perhaps we can address this important issue together.

Steve Priest, senior advisor at Global Compliance**********

About the Author

Steve Priest was described by The Wall Street Journal as “one of the most sought consultants to keep companies on the straight and narrow.” For seventeen years Steve was president of the Ethical Leadership Group (ELG), a consulting firm that specializes in ethics training & communications and compliance assessments. Steve now serves as founder of ELG and senior advisor at Global Compliance, the compliance solutions firm that ELG joined in 2007. For more information about his work, visit Steve’s CCI author page.

About the Author

Steve Priest

Steve Priest, senior advisor at Global ComplianceSteve Priest was described by The Wall Street Journal as “one of the most sought consultants to keep companies on the straight and narrow.” Steve founded Ethical Leadership Group in 1993, sold it to Global Compliance in 2007, and is now an independent consultant who works with boards, senior leaders and ethics and compliance professionals to strengthen cultures of integrity. Steve has:

  • Consulted “on the ground” in 48 countries on every continent with more than 25% of the Fortune 200.
  • Trained forty boards of directors and senior leadership teams, including Nobel laureates, CEOs and (retired) senior politicians.
  • Served as the trusted, “go-to” adviser for CEOs, GCs, and compliance officers when organizations are in trouble, assisting with assessments, strategies, and communications within and outside the organization.
  • Been relied upon by the U.S. Department of Defense and other government agencies to objectively assess organizational culture and compliance programs.
  • Been approved by the government of India to conduct anti-bribery training and coaching in a sensitive case.
  • Written the most widely imitated codes of conduct in the world, read by millions of employees.
  • Informed and entertained hundreds of audiences with his skillful blend of facilitation and platform skills as well as conveying serious messages with a sense of humor.
Prior to founding the Ethical Leadership Group in 1993, Steve Priest was for three years executive director of the Center for Ethics and Corporate Policy, a Chicago-based ethics think tank. Priest received his ethics training both in the real world of business and inside the ivy-covered walls at Harvard University’s Divinity School, where he received a Master of Theological Studies degree. He has his MBA and BA from the University of Chicago and studied international organizational development in the Graduate Business School at the Katholieke University of Leuven in Belgium. Contact Steve at 312-799-9586 or ethical@aol.com. In his articles for Corporate Compliance Insights Steve will explore the challenges of creating a culture of ethics and integrity in global organizations.