By Kirsten Wallerstedt
Should a supplier know where the gold in a microchip was mined? And can it be verified that biocide in the shampoo just shipped abroad meets European Union standards for chemicals? In 2015, increased regulation is headed down the entire supply chain and imposes obligations on companies to engage their networks in new ways. Not only are firms with global chains expected to gather data about products and chemicals used to produce them, but rules coming into effect are demanding deeper insight into suppliers’ operations, due diligence, and credibility.
Good data management supports better risk assessment and typically leads to stronger protection of the bottom line. But the data comes before the decision making, and data requirements are expanding to include knowledge of suppliers’ values and policies. Doing this will allow a company to more effectively risk-adjust supply chain decisions not only to meet current compliance obligations but also to potentially mitigate the effects of future risks.
Tin, gold, tantalum, and tungsten — the four “conflict minerals” covered under U.S. law — are used in a wide array of applications. Those metals are found in mobile phones, computers, and other electronics, encompassing numerous industries and unexpected sectors such as apparel, which uses tin rivets and zippers for clothing. U.S. law (Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, Section 1502) requires manufacturers to determine the presence and exact origin of conflict minerals used in their products. One goal is to ensure those minerals are not sourced from mines funding armed conflict around Africa’s Great Lakes region, an area that touches Rwanda, Uganda, Tanzania, and several other strife-torn countries. Starting this year, many companies will begin preparing for an audit of their due diligence actions under the law, presumably leading to closer scrutiny of their plans for compliance. The audits will likely include measures to build capacity within supplier networks and, where needed, implement due diligence programs of their own.
Among the most sweeping regulatory changes are those recently imposed on chemicals by the European Union. Consider the rules governing biocides, which are chemicals used to remove bacteria and other harmful organisms from consumer products. Under the EU rules (Biocidal Products Regulation 528/2012), any use of biocides requires prior approval and a detailed review of the chemical’s application. The regulation has clear implications for cosmetics, appliances, electronics, textiles, building and automotive materials, household items, and childcare products. Biocides are often added to adhesives and sealants, plastics and resins, and oil and gas and also carry the potential to harm human health.
Regulatory consequences from this new regulation take effect in September, when companies will need EU authorization to place a product containing biocides on the market. The regulation explicitly requires an evaluation of supplier credibility to meet compliance obligations to determine the presence of active substances (AS). AS will not be identified on the label, so working with suppliers to gather this information is a given. Substance and product suppliers in many cases will also likely need to be authorized before their products may be placed on the EU market. Noncompliance, such as selling a product containing an AS without approvals, can result in fines or criminal penalties.
Europe’s more aggressive stance on chemicals also affects computers, mobile devices, and almost all other electrical or electronic goods. The EU’s Restriction of Hazardous Substances Directive (RoHS Directive 2011/65/EU of the European Parliament and of the Council of June 2011) monitors use of six hazardous substances — lead, mercury, cadmium, hexavalent chromium, polybrominated diphenyl ethers (PBDEs), and polybrominated biphenyls (PBB) — in electrical and electronic equipment (EEE) placed on the EU market. With few exceptions, electrical and electronic products sold in the EU need to adhere to the regulation. In early 2015, four phthalates are scheduled be added to the RoHS restriction. This expansion of chemical scope is expected to be the forerunner of many.
Product design issues, supplier surveys, and risk assessments are sure to grow along with the expansion of regulatory oversight. Not only is the list of chemicals increasing but so are the categories of products. Previously, the RoHS regulation focused chiefly on consumer electronic products, but it will include medical devices starting in July 2014. By 2019, the scope will encompass all other EEE, including in vitro diagnostic devices and industrial monitoring and control instruments. The bottom line shows that a large number of companies will likely need to deal with RoHS that didn’t have to before. In addition, manufacturers are now required to assess the probability of a restricted substance in each type of product and to assess the trustworthiness of each supplier. If a supplier’s trustworthiness is suspect, the manufacturer is required to collect additional assurances of compliance.
Dodd-Frank Section 1502 requires companies not only to survey suppliers for the presence and source of conflict minerals in their products, but it also insists that many manufacturers enforce due diligence throughout the mineral supply chain. In some cases, the law allows a company to trust the word of its suppliers — but management must exercise careful judgment because companies are required to identify and pursue red flags from incomplete, inaccurate, or conflicting information received from any supplier.
Similar to rules for conflict minerals, the EU requires manufacturers to perform a risk assessment of suppliers in which the manufacturer assesses the probability of a restricted substance being present. The manufacturer must also evaluate the trustworthiness of each individual supplier. Additional assurances of compliance must be sought if a supplier is determined to be untrustworthy. Enforcement measures under RoHS regulations heighten the need to make certain there is adherence.
Just as regulatory awareness is advancing toward new markets in China and Korea, conflict minerals and biocides are expected to spark a trend around the world. And it’s not just these regulations: The U.S. Food Safety Modernization Act (FSMA) includes a new supplier verification program, and recent amendments to the U.S. Federal Acquisition Regulation require federal contractors and their suppliers to formulate antitrafficking compliance plans and certifications. The EU has also recently proposed its own mandatory conflict minerals regime. There is a striking movement in these regulations for manufacturers to become accountable for their suppliers. Companies can no longer take a supplier’s word at face value but must gain supporting evidence for claims and impose due diligence controls where needed.
Therefore, in today’s international business model, it is essential to keep engaged with the global regulatory regime. Regulations are constantly changing, and enforcement is getting smarter. It pays to have the ability to look ahead and see regulations coming down the road. Establishing a supplier engagement program is not only a prudent thought, but it can also have a big payoff. And yet the programs take concentrated effort to set up, and data constantly needs to be revalidated for accuracy.
A flexible portal for suppliers to enter, collect, and synthesize information can provide not only reliable compliance data but can also become a valuable asset for management when making risk-adjusted supply chain decisions. A good program would also include helplines and staff support for suppliers — available in multiple languages and local time zones. Cross-functional teams inside the management structure would allow an integrated strategy to succeed. Education, collaboration, and a corrective-action program should all reap rewards, both for internal teams and for the supplier network. Building strong relationships with suppliers and setting clear expectations can improve the response and quality of data received, but this requires focus. If done with care, this system will likely create resiliency in the supply chain beyond compliance.
Regulations for conflict minerals, biocidal and active chemicals, and RoHS are some of the fields that cry out for new data from supply chains, evaluation of vendors, and the ability for companies to identify and respond to risks. Regulatory obligations on the supply chain are only increasing and becoming more onerous. Companies stand to gain in multiple ways by improving their supply chain compliance programs to meet current obligations and hedge against the likelihood of future risks.
Kirsten Wallerstedt is a senior regulatory analyst at 3E Company, a Verisk Analytics (Nasdaq:VRSK) business.