What is supply chain compliance?
For different disciplines it might mean different things. From an EH&S perspective it is a relatively new concept where a particular company has responsibility up and down their supply chain for the compliance of their raw materials, finished goods, as well was what has been done for their end users and of course end of life, disposal or take back, depending on what processes they have in place.
When we talk about supply chain compliance in this arena, we are talking about insuring that as you are procuring materials from your suppliers that those materials conform to specific criteria, whether it be regulations at the government level, internal company self imposed regulations, industry standards or a lot of cases we are seeing quite a bit of development in the area customers are making demands in terms of the certain criteria of the products provided to them.
Certainly, this would be regulatory based, but beyond that to meet the customer's sustainability goals. We have seen for several years now places like Walmart, HP, and IBM. These companies were real pioneers in the area of sustainability questionnaires where they were pushing on vendors who wanted to do business with them to meet certain criteria related to sustainability and push that through their supply chain in order to allow companies to do business with them.
Why do companies collect MSDSs and other product data from their suppliers? What is this information used for?
Operational risk and compliance management is increasingly focused on environmental issues across the supply chain. As companies strive to deliver sustainable on-going improvements in compliance and risk management, they are closely scrutinizing the management of products in the enterprise, especially chemicals and hazardous chemicals, but certainly articles as well, with a special emphasis on fulfilling requirements in regulatory compliance.
It is important to understand and to have transparency into a comprehensive view of compliance performance and risk management throughout the supply chain and the product life cycle. For example, if I need to know that this particular raw material that I may be procuring from three different sources meets all of the requirements that would make me able to push my finished good all of the addressable markets that I am interested in operating.
Beyond that, I am also able to do business with certain target customers. If you take it one step further you look at end user once it is in the actual consumer's hands if that is appropriate. Of course, sometimes your end user is another business.
It is ensuring that the product meets all of the requirements that would allow for safe use and disposal at whatever the end point may be. Companies are collecting this data to make sure they can know that those raw materials and ultimately their finished goods meet all of those various criteria. It is basically data sheet which is a very time proven means of communicating hazards about particular mixtures or substances. Is it a carcinogen and if so at what levels and how do the end-users protect themselves appropriately to ensure that they are not going to be at risk by using that particular product. That kind of basic information can be found on an MSDS, as well as other things not just related to personal safety but facility safety.
What is the flashpoint of the material? Is it caustic? Is it highly flammable? When you are looking at storage and transport you need to understand the proper handling.
Beyond safety data sheets there is a lot of other information people may need, such as compliance certificates or performance certificates. In a lot of businesses such as aerospace, defense etc., there are engineering specifications that you have to declare conformance with that relate to safety and health.
It may be that you are saying, “yes, this product is in compliance with the REACH regulations in the EU and therefore can be imported into the EU and either used as a raw material or pushed to an end user.
There is quite a lot of data and it goes a little broader when you look at things like the Dodd Frank Act and how that will actually bear out in the marketplace. It remains to be seen, but right now what folks are doing to prepare for it is ensuring at the smelter level that they have certification that the raw materials they are using, the target metals specified by the Dodd Frank Act, have not been sourced from the Democratic Republic of Congo. While that is not specifically health or safety, it certainly is a sustainability related issue that requires a lot of data to support and a paper chain or chain of custody.
While it is not a data point like a flashpoint or a hazardous classification, it is certain pieces of information that would support an overall dossier on the suitability of a raw material for use within a company. There is a lot of data.
If you look into food companies they need things like Kosher certification in order to have traceability (certificate of origin certification) in the case of a recall. It can be a broad spectrum of information that they are gathering and what they are using it for is to ensure ultimately that the compliance of their finished goods is based on compliance assurance from the raw material manufacturers.
A company’s efforts are only as strong as the quality of its data. How can companies ensure/promote greater data quality, especially when they are dealing with a multitude of suppliers?
This is tough because there is so much to it. First you look at one direction of the matrix and that is the vast amount of data which needs to be collected. Then you align that against all of the various sources which that data has to come from. It is a very complex issue. At the very basic level you may be dealing with suppliers that who don't know the answers to my questions and can't provide the data because they are not capable of generating it.
In order to still do business with that supplier for the fact that in that particular region they are the only supplier available or you want to keep a certain depth in your sourcing so that you don't have interruption in your supply chain. There can be a lot of reasons why you would want to continue to do business with them, even if they can't provide the compliance assurance you are looking for, but the reality is that they don't have the information.
The next layer that makes it difficult is that even within a company this will cover a lot of different disciplines. It may be procurement, legal or EH&S. There are a lot of different people who have potential ownership or access to data. It becomes very difficult to share that data internally and ensure that you are not bombarding your suppliers with hundreds of different surveys from a single company, but also that the data is utilized by everybody in the company who needs it so that you can assure that it is a single source of the truth and that everyone is basing their information and actions off the same source of information.
Add the fact to this that every day this pile grows deeper, someone is adding a new regulation, a customer is adding a new requirement, you may be adding new products to your offering, or you may be changing formulations so that you have different raw materials. There are so many moving parts in this equation that it makes it very difficult to provide compliance assurance, particularly when everyone is doing more with less from a resource standpoint and suffering under the burden of too much work for too few people. This certainly adds to the complexity of making sure you can say with confidence at the finished goods level that yes, through the supply chain and raw materials (all of the raw materials used in these finished goods) meet all of the criteria that I am concerned about and that my customers are concerned about.
What are the key qualities/considerations when a company is selecting a data service provider for obtaining and managing product data from suppliers?
One of the things which is nice is that there is an option to get a lot of outsourced help with this particular issue so that you are not necessarily required to do it all internally, especially when that can be a failing proposition. Look to people who are already providing you data in a manner that is reliable and robust. See how they can expand the services they are providing to you to be able to accomplish all of the various goals that you have from a supply chain compliance perspective.
In the case of 3e Company, they have historically been a compliance data provider. For example, they will say at a basic level that a particular chemical is on the California Prop 65 list, it is registered for a specific use and under REACH it has this GHS classification in Japan. The company can then roll this up the product level and compliance information about a product. In order to broaden their scope of documentation that they are procuring from suppliers, or to be able to generate that information themselves, was an easy move because you have the infrastructure in place and have the expertise to be able to add a different line of documentation or different line of questioning to what they are already interacting and maintaining relationships with suppliers.
In 3e Company's case it made it a natural extension. In other cases you may have a trusted data provider that is giving you information in other areas and it is a good idea to try to work within those existing relationships to try and broaden the scope of data you are obtaining.
In a lot of cases the problem may be that the data supplier or the vendor you are procuring your materials from doesn't have the answers to the questions that you need. You would potentially work with your data provider to develop that information, whether it is a classification or some sort of compliance assurance.
Another issue to consider is confidential business information. In the current supply chain landscape suppliers can be customers, customers can be competitors, competitors can be suppliers. It becomes really sensitive where you want to provide transparency and you want transparency from your suppliers, but there is certainly the question of competitive information and being able to hold back confidential business information.
By working with a trusted provider such as 3e Company you can set up arrangements whereby they would receive confidential business information from your suppliers and they can push out more from you or push out compliance assurance without revealing the trade secrets you may have. You are providing transparency from a compliance standpoint without “giving away the farm”.
About Connie Prostko-Bell
connie prostko bell.jpgConnie is a Senior Solutions Manager with 3e Company. In this capacity she supports of variety of their products related to compliance at the product level, the company level, as well as the component level through use of their integrated content, tools and processes for generating compliance classifications and gathering compliance related data from suppliers and manufacturers. She has been in the environmental management and information systems space for most of her career of nearly 20 years. Her background is primarily from an environmental perspective but looking to IT as a means of achieving environmental objectives.
Supply chain compliance and data quality
What is supply chain compliance?