Featured Product
This Week in Quality Digest Live
Management Features
Ryan E. Day
The psychology of organizational excellence
Kelsey Rzepecki
5S is one of the easiest ways to build a foundation for operational success
Jack Dunigan
Eight actions governed by core values
Ryan E. Day
How Diverse Dimensions uses FARO® 8-Axis ScanArm to fulfill its customers’ needs

More Features

Management News
Creates adaptive system for managing product development and post-market quality for devices with software elements
Amendments to the California Consumer Privacy Act go into effect no later than July 2020
Why not be the one with your head lights on while others are driving in the dark?
The FDA wants medical device manufactures to succeed, new technologies in supply chain managment
Preparing your organization for the new innovative culture
Standard recognizes that everyone is critical to a successful quality management process.
Pharma quality teams will have performance-oriented objectives as well as regulatory compliance goals

More News

Swapnil Srivastav

Management

Managing Compliance in the Supply Chain

As global regulations proliferate, these five best practices become key

Published: Wednesday, September 7, 2016 - 15:40

Mandatory reporting requirements for regulations such as Europe’s REACH (Registration, Evaluation, Authorization, and Restriction of Chemicals) and RoHS (Restriction of Hazardous Substances) legislation have increased the focus on environmental compliance and ethical sourcing across the globe. Meanwhile, new regulations such as the European Union’s proposed conflict minerals framework, and China’s Due Diligence Guidance for Responsible Mineral Supply Chains continue to proliferate in various geographies at a rapid pace.

For companies to successfully operate in these markets, it is essential that they understand and comply with the product and supply-chain laws and standards that exist at the local, national, and international levels. Adding to these demands is the ever-increasing list of monitored substances that requires organizations, as well as their suppliers and importers, to keep track of the substances, chemicals, and minerals used in their products, and then evaluate them against the relevant regulations. Noncompliance with these requirements can prove costly.

To meet these demands, organizations are establishing definitive strategies for compliance. By adhering to regulations and standards with the right processes and best practices, companies can improve both risk and supply-chain management. Moreover, by integrating compliance and due diligence efforts, they can assess their supply-chain risks more effectively, and build robust strategies for responsible sourcing.

Challenges

There are many challenges in adhering to product-compliance requirements from authorities such as the U.S.Securities and Exchange Commission (SEC) and the European Chemical Agency (ECHA), as well as the mandatory CE marking and conformity declaration requirements of RoHS.

Most recently, conflict minerals laws have been creating multiple regulatory challenges. To be compliant, companies covered under these regulations must trace the origin of conflict minerals and smelter information, conduct a reasonable country of origin inquiry (RCOI), and maintain approved supplier lists. They also must gather additional information about their supply chains regarding the use of forced labor, human trafficking, slavery, and other violations.

Similarly, REACH and RoHS make it imperative for companies to identify supplied parts from their bill of materials (BOM), document the presence of substances of very high concern (SVHC) above a certain threshold, and send requests for declarations to their suppliers.

Managing all the data associated with these compliance activities has become a formidable task due to the ever-growing supplier base and the need to track sub-suppliers and their suppliers. The issue is often complicated by the communication chaos in the supply chain, and the lack of accurate supplier responses to surveys and other queries.

As the supply chain expands and the list of applicable regulations increases, companies need to be aware of the risks related to sourcing, and execute a robust supplier governance and compliance program.

Preparing for compliance

Regulations such as RoHS, REACH, and the conflict minerals rule call for greater transparency in supply chains. Companies who prepare well when responding to these regulations are better positioned than others to handle future regulatory developments. They also become more aware of the risks related to sourcing and are therefore better able to execute a robust, supply-chain compliance and governance program that can be expanded to manage compliance with new regulatory requirements.

Below are the key best practices that make up an effective compliance program:

1. Improve supply chain awareness: Perhaps the most important factor in compliance is understanding the supply chain, including all suppliers, sub-suppliers, components, materials, factories, and products, as well as the relationships between them. By mapping these components in a centralized system, companies gain a greater understanding of their product and supply chain, and are able to identify and mitigate risks quickly.

2. Evaluate regulations: As the scope of business expands across geographies, organizations must be prepared to respond to local, national, and international laws, and understand how each of them is applicable to the supply chain. Often, the fear of noncompliance drives organizations to react to new regulations in a knee-jerk manner without sufficient knowledge of the regulations or their applicability. To avoid this situation, organizations would do well to stay informed about regulatory updates and changes, and then quickly assess how these requirements apply to the supply chain.

3. Detect gaps and inefficiencies: Once organizations have a clear understanding of the supply chain and applicable regulations, the next step is to assess the gaps and inefficiencies in compliance, and respond to them in a timely manner. Often, a mix of activities such as audits, tests, and assessments are used to identify gaps in compliance efforts. These activities are usually conducted at various intervals for various regulations. For compliance with the conflict minerals rule, one assessment per annum serves the purpose. However, for REACH and RoHS compliance, the assessments, audits, and tests need to be conducted based on changes and updates to the regulation or BOM. Organizations also need to consider other factors such as changes made to suppliers and business units, as well as expansion to new geographies. All this information helps to build a holistic product and supply-chain compliance program.

4. Ensure data quality: When it comes to compliance data management, simple tools such as spreadsheets might work for a small organization with less data. However, as the organization matures, the data also become more complex. At this point, using spreadsheets to manage multiple data points such as material name, CAS number, substance name, and weight can become cumbersome. A centralized technology system with pre-built data templates makes the process much simpler and more structured. Organizations can use industry-standard templates (like the conflict minerals reporting template) to measure and better understand regulatory requirements, while also closing compliance gaps, if any. These templates help highlight areas of noncompliance, and prevent their recurrence.

5. Make the compliance process repeatable: Because compliance is not a one-time activity, it has to be done right. The program strategy and management must be defined in a way that is repeatable for all people involved, whether they are internal stakeholders or suppliers. Regulatory authorities want to see complete compliance documentation with high-quality data. Thus, organizations would do well to ensure that data gathered once through surveys, assessments, audits, test results, and other activities are accessible to all departments to help them in their respective supplier-compliance or assessment processes. With a centralized compliance management system, this objective can be achieved easily.

Leveraging technology

New regulations come with complex challenges, but if interpreted and complied with effectively, they can help an organization build credibility and brand value. In fact, regulatory compliance efforts can be a source of competitive advantage. However, many organizations use multiple, fragmented compliance-management systems that lead to duplication of time, effort, costs, and resources, and that make it difficult to derive important risk intelligence from consolidated data.

This is where technology can help. By leveraging a robust compliance management solution, organizations can not only streamline compliance management, risk management, document management, and reporting, but also integrate multiple product compliance management initiatives. A good system provides the transparency and visibility needed to respond promptly to various regulatory requirements.

 In a nutshell, a smart technology solution for compliance management can help:
• Map product information, including chemicals, composition, materials, and components, to supply chain information, including details of factories, laboratories, suppliers, and sub-suppliers
• Respond to regulatory changes through automatic alerts on updates or changes to standards and regulations that affect the changing business environment (this helps companies in not only adhering to laws, but also mitigating risks proactively)
• Automate and improve communication with suppliers on assessments, declarations, testing results, policies, and other documents and processes
• Simplify the design, scheduling, and execution of compliance assessments for various regulations
• Accelerate the investigation of risks and open issues

Conclusion

Rapidly changing industry regulations and standards have made it imperative for companies to establish a clear strategy for compliance management, subject to the nature and design of regulatory changes and the level of risk involved. Companies are often better able to respond to changing regulatory requirements by adopting an automated solution that is efficient and user friendly to concerned stakeholders and suppliers worldwide. Such a solution should also provide real-time visibility into compliance across all the tiers in the supply chain, and help stakeholders understand the impact of risks on strategic and organizational goals.

Discuss

About The Author

Swapnil Srivastav’s picture

Swapnil Srivastav

Swapnil Srivastav, a product marketing, presales, and purchase professional is currently working with the MetricStream marketing team on the third-party management solutions. She has more than six years experience in supply chain governance, supplier risk and strategy. Prior to joining MetricStream Srivastav worked at Robert Bosch with the direct material purchase team on supplier strategy, negotiations, purchase, and cost reduction projects.