How to Improve Your Supplier Risk Management Programme

Modern slavery legislation across the globe is becoming increasingly common as a way to prevent and manage the risk of human rights violations. One of the core aims of this legislation is to drive transparency and, as such, encourage reporting entities to understand and tackle their modern slavery risk (in a “race to the top”).  

Modern slavery and human rights reporting regimes already exist in the UK, France, California and Australia. A broad sustainability reporting regime is expected to be enacted in Germany shortly and throughout the EU by the end of the year.

Right now, Australia is at the forefront of the modern slavery reporting wave. As part of its Modern Slavery Act 2018, larger businesses and organisations are required to publish modern slavery statements, which describe the risk of modern slavery in their operations and supply chains, and the actions taken to respond to those risks..

As part of your Australian modern slavery statement, you’ll need to be able to describe the risks of modern slavery in your operations and supply chain, as well as what you’re doing to address those risks, including any due diligence processes. This information is crucial, as it demonstrates to your stakeholders, peers, investors and civil society that you take your commitment to combat modern slavery seriously. . 

The most effective way to assess the risk of modern slavery in your supply chain and develop actions to respond to that risk is to implement a supplier risk management programme. This has the dual benefit of helping you reduce your risk exposure while providing you with a framework for compliance with the Modern Slavery Act.

But what does a risk programme look like and how do you go about putting one in place? 

Develop Controls

When developing a supplier risk management programme, liaising with the relevant departments within your business, such as procurement and supply chain management, is recommended. They’re the people who work most closely with your suppliers, and together you can agree on the most appropriate controls to use and how best to communicate them internally and externally. 

The controls you adopt should be specific to your business and supply chain and relevant to the third-party risks your organisation is exposed to, as identified in an initial risk assessment.  It works best if you can incorporate the controls into your current procurement processes, so it becomes “business as usual”.

Supplier selection processes, including due diligence questionnaires (DDQs), are an obvious place to start. DDQs tend to be thorough and therefore long – sometimes very long and time-consuming for vendor and supplier alike. 

You may want to think about using a technology-based solution to digitize the process and ease the pain, such as the ethiXbase Modern Slavery Questionnaire. Developed in partnership with top ten legal firm Norton Rose Fulbright, it accurately assesses supplier risks based on five criteria:

  • Jurisdiction (country) of operations and headquarters
  • Industry of supplier/industry of goods and services supplied 
  • Products attributed to high risk of modern slavery 
  • Workforce characteristics 
  • Risk-mitigating measures specific to the individual supplier 

Other controls to consider as part of your risk programme include:

  • On-site visits to suppliers (where possible)
  • HR processes to ensure staff aren’t subject to exploitative practices such as low pay or unsafe working conditions 
  • Supplier codes of conduct and contractual clauses. Traditionally viewed as voluntary standards, these are increasingly being given contractual force by being incorporated into binding contractual standards
  • Human rights training for procurement teams and/ or suppliers
  • Ongoing vetting of third parties – on the basis that the most successful risk programmes are continuous, and developing bespoke controls for suppliers with specific risks
  • Training for suppliers with specific risks
Communicate

Once you’ve decided on the controls you’re going to use, you then need to engage with your internal stakeholders and suppliers. 

Explaining the rationale for your approach and the consequences of non-compliance is key. That will help suppliers understand why they’re being asked to comply with any additional requirements and the repercussions if they don’t. 

If suppliers don’t meet some of your criteria, it isn’t necessarily grounds to terminate the relationship. View it as an opportunity to encourage some of your high-risk suppliers to change.

Be Modern Slavery Statement-Ready

With your risk programme in place, you’re one step closer to identifying and managing modern slavery-related risks within your supply chain. You’re also armed with the information you’ll need when submitting your annual modern slavery statement – not only able to describe the risks of modern slavery practices in your operations and supply chain but, crucially, the steps you’re taking to address them. 

Don’t know where to start? Try a demo of our solution to learn how we can help your organisation successfully implement a third-party risk and compliance programme. 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top