Home / Insights / Assured but not compliant: what happens when assurance fails?

insights-espresso-icon blog

Assured but not compliant: what happens when assurance fails?

Espresso-live Speakers
by Will Nelson , Global Audit Programme Director, Achilles Information Ltd
7 July 2019

what-happens-when-assurance-fails
 

Badger Sportswear is one of the biggest providers of athletic attire in the US. Established in North Carolina in 1971, the company’s reputation is built on its product innovation and excellent service to its clients.

In 2019, the company announced it was dropping a key supplier over claims its products were being produced by forced labour in Chinese detention facilities in Xinjiang . Badger said that the Chinese supplier had been found to be acting “in a manner inconsistent with our global sourcing policy”.

Badger had been using Worldwide Responsible Accredited Production (WRAP), an independent, non-profit compliance organisation, to certify their suppliers and provide assurance. However, the documentation the Chinese supplier had provided WRAP did not give the full picture.

Badger Sportswear had seemingly done everything right, but still ended up with supply chain disruption and potentially bad publicity. The company had learned a valuable lesson – sometimes assurance can fail if not thoroughly implemented.

In need of assurance

Supply chains rely on the confidence produced by external assurance and vetting. As Badger Sportswear’s experience shows, sometimes businesses willing to enter into a contract are not as open and transparent as they should be. Second party audits allow companies to evaluate their supply chains against their requirements, to ensure every supplier is operating to the right standards. The data gained from these audits helps buyers improve their business processes, increase efficiencies and reduce risk.

In the UK, there is currently no formal mechanism for the approval of second party vetting, prequalification and assurance, despite its importance in the efficient operation of supply chains. This means that buyers and suppliers are reliant on organisations and the individual controls and disciplines they have in place.

The question becomes about what assurance your second party assurance provider can give. Buyers need to be sure that the information they are getting is accurate, as the consequences of getting it wrong can be severe.

You are your supply chain

Customers and clients expect companies to be in charge of their supply chains. This includes the quality of the partners they use to audit and provide assurance on them. Buyers that depend on an external company to give them supply chain assurance need to know all their partners are of the highest quality.

Here are some of the main points that need to be considered:

Data management

Providing assurance on supply chains and the businesses that make them up means generating, analysing and storing a lot of data. This information is highly sensitive and needs to be managed correctly.

It helps if the audit service provider has an ISO 27001 certification, which relates to information security management. This means the auditor follows a clear and recognised approach to managing sensitive company information, that ensures it remains secure at all times. Buyers should look for assurance providers that can demonstrate a robust, systematic logic behind the way they use, handle and store supply chain data.

A rigorous approach

When done right, a supplier audit not only helps buyers ensure they are working with the right companies. They also help buyers improve their processes, sharpen their competitive edge and gain credibility. Audits are the cornerstone of second party assurance, and it is important that any partner you work with has a proven approach and track record in this area.

Audits aren’t just about demonstrating compliance. They are a powerful tool for generating insight into how companies work together on a daily basis. But an audit partner must be able to show that they have the experience, specialist knowledge and standardised approach to compliance that is needed.

One size does not fit all

There is no one-size-fits all approach to supplier audits. There are different levels of assurance and it is important to adopt a tailored approach to suppliers with different risk profiles. Otherwise, a situation can arise where some companies are not given enough attention while others are subjected to an unnecessary level of scrutiny. At Achilles, for example, we base our assurance on the level of risk that an individual supplier poses to a buyer, with some filling out a questionnaire and some receiving a full on site, rigorous audit.  Being able to tailor your approach like this requires a clear and defined risk matrix which ensures you are categorising suppliers correctly.

Buyers should place their assurance partners under a lot of scrutiny, because they have to be confident that they can trust the results. Complex supply chains need each party to operate with confidence, knowing they will deliver what was agreed.

In the case of Badger Sportswear, the assurance process didn’t provide buyers with the required level of insight. So, if the worst happens, what should be done?

Rebuilding trust

When suppliers lose the trust of the supply chains they depend on, it can have catastrophic consequences. But having an assurance failure in any part of an established supply chain doesn’t have to equal the end of a business.

There are a number of actions a supplier can take to regain the trust of its buyers and customers.

Acknowledge

To rebuild trust everyone must know what the issue is and how it affects the supply chain. As always, honesty is the best policy. If a supplier is seen to be helping its partners minimise disruption, it can hopefully avoid the worst reputational damage.

Stop

In a situation like this, it is always best to cease the activities that have been called into question. This provides the necessary space and distance required to identify what happened and what the right course of action is.

Investigate

If the supplier is going to recover and get back to business, it will need to understand exactly how the problem occurred in the first place and what measures need to be taken in order to prevent any reoccurrence. This may take time as it is important to be as thorough as possible.

Explain  

Suppliers should be as transparent as possible. This is particularly important when sharing the investigation's findings and processes. How the problem is dealt with and the controls and policies that are implemented will form an important part of the company’s reputation going forward.

Conclusion

Second party assurance is an important part of making sure that supply chains work as intended. But, it is something that needs to have a clear process and be accountable to the companies and customers that rely on it. If your assurance fails, you need to have a plan.

At Achilles, the team of auditors undertake over 6,000 audits a year, across 12 countries. These audits and assessments of suppliers validate their capability, competence and compliance, information which is then made available to relevant buyers with the Achilles stamp of approval. 

The opinions expressed in this article are the author's own and do not reflect the view of Beroe Inc.

 

SHARE
Linkedin Twitter Facebook
Leave a comment

Please enter a valid name

Post your comment

Please select captcha

Instagram

Get more stories like this

Subscirbe for more news,updates and insights from Beroe

Get Ahead with AI-Enabled Market Insights Schedule a Demo Now

Schedule a Demo Now