White paper on Ethics and Compliance part 1

A bunch of dropped dice

First published in Australian Compliance Institute newsletter, September 2010

Are your suppliers putting your company's brand and reputation at risk?

The importance of supplier compliance management and the impact of the COIN approach.

Like most things in life, reputation counts for everything, and in business, it can be the difference between winning and losing, success or failure.

In the corporate world where the adage “cut throat” means just that – the final act of conclusion, the business of ethics creates a dynamic for business reputation that carries with it the keys to open doors to relationships with other businesses that can lead to bigger and better things. Business is about deals and the art of negotiation – being ethical means more times than not clients will be advocates for „you always having done the right thing.‟

Whilst the regulations around supplier compliance have been around for some time, Supplier Compliance Management (SCM) is a foreign term for many businesses and a practice that is relatively rare. Indeed, using SCM to increase the reputation of an organisation is relatively new, but more businesses are coming to grips with the idea. How they go about the task successfully is the million dollar question.

Supply chain management today is an area of enormous reputational risk’

Running a business where suppliers need to be compliant is one thing, but to ensure reputations are not compromised and that the ethical behaviour of suppliers is a factor that is considered a paramount part of the business equation, is another. Ethics and compliance are critical – do the wrong thing and you lay the foundation for a cancerous spread of reputation demolition. For most businesses, one of the most poorly managed areas of corporate documentation is supplier compliance. A recent survey of 2000 global companies showed 86% of respondents conceded their primary code of ethics failed to address the conduct of suppliers.²

Furthermore, suppliers are omitted from corporate risk analysis, and a lack of tracking of supplier compliance documentation means action is rarely taken on non-compliant suppliers.

As companies become more acutely aware of the potential risk of incurring heavy financial penalties, this issue is seen as too complex and expensive to address. It is an issue that is regularly placed in the ‘too hard basket’ because nobody is prepared to deal responsibility of tackling the problem.

US corporate giant Texas Instruments is one company that takes the issue of ethics and compliance more seriously than most. It subjects its suppliers – especially internationally based companies – to closer and greater scrutiny than most. Texas Instruments encourages suppliers to adopt their ethics template in bidding and visits key supplier sites to look for potential issues or flaws that may compromise its business overall.

Texas Instruments wants to flush out the negative imperatives it can‟t foresee through its suppliers. No company can afford to be complacent about ethics violations of safety and labour laws, and yet amazingly, only 14% of companies appear to be satisfied they are managing their compliance risk ‘quite well’³, yet it is the brand that carries the risk.

Regardless of whether a supplier has produced, or has failed to produce to specification, it is ultimately the brand that carries the risk: Nike, Mattel, Toyota and others have all learned this the hard way.

 A strong business case exists for adopting an ethical supply chain model – trusting suppliers to safeguard your brand is no longer enough because whether companies like it or not, more needs to be done.  Not only is the selection of suppliers now better guided by ethics and compliance, but creating and maintaining a compliance history profile and other regular assessment tools becomes increasingly important.

The pressure to improve for some businesses has seen many upscale their internal ethics and procedures, yet many still continue to turn a blind eye to the necessity of effective supplier compliance management.

So, why are some organisations reluctant? The answer likely lies within a growing volume of regulation and paperwork and highly ineffectual methods of managing it. With almost 30% of companies tracking over 10,000 documents with varying expiry dates, 79.6% of organisations are still using manual methods to collect, store and track supplier compliance documents.

Survey results
Results from Strytex Global Survey May, 2010

Imaginably, this creates an administrative nightmare, which supports why insufficient time, inadequate budget and insufficient administrative resources are often cited as the three major reasons for inaction in the area of supplier ethics and compliance management.

Survey results pie chart

What is even more worrying is that  64.2%  of respondents said they were not aware or only partially aware of all their self-regulatory and regulatory responsibilities for managing supplier compliance. This result is unsurprising given that most respondents may be spending most of their time managing paperwork rather than managing compliance and therefore possibly putting their organisations at risk.

At an industry level, the situation is worse. Organisations collect multiple compliance certificates from all of their suppliers and in return, distribute multiple copies of their policies and procedures. Over 98% of all documents are duplicates. There are enormous unnecessary costs across industries in terms of time spent searching for information, time spent filing documents, cost of storage and missed information.

Increasing regulations are only making  the matter worse and expanding the responsibilities even wider. Earlier this year, Queensland students and teachers were found to have been exposed to asbestos.  New government recommendations not only included training for principals and volunteers,  but a compliance regime for contractors. The outcome now sees school principals having to be aware of any contractors employed on a day-to-day basis who undertake building or maintenance-related works of any description be suitably dressed. School principals are not compliance experts, however, they are liable. Increased regulations in the “chain of responsibility” are widening the compliance net to make senior and middle management liable as well.

Waiting until increased regulation happens, or a company‟s name splashed all over the front page of a newspaper with the word “negligent” worked into the headline,  is a  naive head-in-the-sand attitude that is just inviting trouble and an all-out assault on an organisation’s reputation. Simply put, it’s just dumb business.

So what‟s changing? Brand damage, the introduction of new regulations (such as CPSIA in the USA and “Chain of Responsibility” provisions in the Road Safety Act), and changes OH&S legislation in Australia are encouraging a culture of change.

Up until now, most executives believed their responsibility was solely to ensure their organisation was compliant, ethical and that they did not need to extend their scope beyond the internal workings of their company. To prevent a breach of ethics, companies would previously insert clauses into contracts requiring suppliers and subcontractors to “comply in all material respects with all applicable laws, statutes, and regulations”. However, when an ethical scandal or supplier compliance issue erupts, no amount of finger-pointing will satisfy consumers, investors, regulators or the media. Many organisations have realised that they need to include their suppliers and subcontractors within their ethics and compliance programs. So it is encouraging to note that while 78% of organisations currently fail to include suppliers in their compliance and ethics programs, 57% say that suppliers will be included in such programs within the next 2 years.

So, how are companies going to fund and manage these programs with suppliers? The major barriers for implementing a supplier compliance management program are

  • insufficient time,
  • inadequate budget and
  • insufficient administrative

The man-hours involved in collecting, collating, tracking and assessing documentation alone can be seen as negatively impacting the bottom- line.

The good news is that there is an emerging move to a program called Communities of Interest (COINs), where buyers, suppliers, subcontractors, certifications bodies share their compliance information.

Next month’s article will explain how COINs work, outline the key differences between the COIN approach and the existing approach and specifically, how COIN‟s can overcome cost barriers. It will look at some of the follow on benefits of the COIN  approach covering improved Recall and Withdrawals in the supply chain and improved quality though tracking of Corrective Actions.

In conclusion, as one of the survey respondents put it, “Supplier Compliance is an issue that is at times neglected when minor issues are ignored. However, it is the minor issues that eventually contribute to major fallout’s.


  1. http://www.reputationreport.com.au/2009/07/supply-chain-reputation-risk/
  1. Michael Levin, ‘Building an Ethical Supply Chain’, Nov 2008
  2. Pamela Babcock, ‘Monitor Ethics, Compliance in Supply Chain’
  3. Global survey into Supplier Compliance Management carried out by Strytexand iCiX, May 2010


Nigel Dalton-Brown, GAICD, AMIIA, MBA

Managing Director, Chair, Speaker, Lecturer, Author

Nigel is the Founder of Strytex and has been presenting and writing on Goverence, Obligational Awarenss, Risk Management and Compliance administration (GORC) since 2010.

Leave a Comment