It’s who you know: why supply chain integrity matters

It is no longer enough to just do a good job or make a good product. How you do this is just as important to consumers, customers and regulators. Supply chain integrity has become a key aspect of doing business, especially where one or both parties are regulated or listed entities.

Provisions in agreements in mandatory policies such as anti-bribery, data protection, modern slavery and the like are often viewed as standard or ignored completely. As an SME concluding a supply agreement with a large company, the temptation is there to just sign an agreement to get the deal over the line but if you can’t meet the requirements of a supply chain audit, the risks could be dire.

Understanding supply chain integrity

Supply chain integrity refers to establishing a supply chain that is legally compliant. This means that businesses want to be sure that, in order to comply with their legal obligations, their suppliers in turn comply with their own obligations. This is not only a requirement for doing business with UK companies. If a UK business is offering goods and services to certain countries in Europe, the foreign equivalent of these laws will need to be complied with.

International legislation examples

An example of such legislation is the far-reaching German Act on Corporate Due Diligence Obligations in Supply Chains which imposes due diligence obligations on large German companies to make sure that environmental and human rights standards are met throughout their supply chains.

The risks of failing to meet supply chain obligations

Most supply agreements whether for goods or services contain a provision stating that the service provider warrants that it will comply with laws and regulations applicable to the provision of these goods or services. Attached to this is often an undertaking to identify the customer against any liability it may incur because of the service provider breaching these applicable laws. These indemnities may be uncapped meaning that the financial consequences of this obligation could be open-ended.

How to ensure compliance in your supply chain

The first step to consider is what you are warranting that you comply with.

Common legislation and compliance areas

The key warranties requested is usually compliance with the:

• Bribery Act 2010
• Modern Slavery Act 2015
• Data Protection Act 2018, UK GDPR and, where applicable, EU GDPR

Other warranties may include compliance with other policies such as environment policies, procurement policies, corporate and social responsibility policies, cyber security policies and business continuity and disaster recovery policies.

Why “signing and sorting later” is risky

We frequently see service providers will sign the agreements with the mindset of “I’ll pull something together once this agreement has been signed.” Sometimes the agreement is signed without the service provider even requesting copies of the policies it is warranting to adhere to.

Even when those policies are provided, the attitude of the service provider is often that there is no way that anyone in the company will commit an act of bribery, be involved in modern slavery or use personal data in a way that breaches legislation.

This is simply not sufficient. If your employees, independent contractors or service providers don’t know what would fall outside the lines of acceptable conduct, how can they be expected to act in a way that doesn’t put the company at risk?

Building a culture of compliance – the role of training and internal policies

Training and internal policies are the cornerstone of ensuring compliance with supply chain legislation and warranties in agreements. In order to minimise risk to the business, steps must be put in place to show that every effort has been made to comply with your duties. This means operational policies that make a difference to the way you do business. In other words, the policies need to be tailored to your business and give voice to how you operate within your industry.

Need help with supply chain compliance?

If you find yourself in the midst of negotiations which require the kind of warranties set out in this article or you have already agreed to them, we are able to guide you through the process of making sure you are able to meet your contractual obligations. Even if you are not in this position, setting up statements and policies will ensure that you are fully compliant with wide-reaching legislative requirement and help you apply your mind to any weaknesses in your business processes – especially when it comes to cybersecurity, AI, and disaster recovery. Our Commercial team is always available to help your business grow and compliance is a part of this.