Supplier Compliance: Ask the Experts
Need to gain control of inbound transportation? Then get on the same page as your suppliers. Inbound Logistics picks the brains of seven industry experts for their advice.
More to the Story:
Managing supplier relationships can be tricky, but getting it right can have a huge impact on your business. Inbound Logistics asked seven executives at leading third-party logistics and technology providers for advice on how to effectively on-board new vendors, select the performance metrics that offer the most value, handle non-compliance issues, and more. Applying their suggestions to your inbound supply chain can help avoid shipment delays, damaged goods, and legal issues.
Q: How can a company's various departments—such as sales, finance, and logistics—work together to promote supplier compliance?
Greg Holder, CEO and Chairman of the Board, Compliance Networks: The most effective supplier compliance program brings together the retail buyer, supplier sales, the logistics group, and the finance department so all partners are working together to create the best possible customer experience.
In the retail supply chain, buyers own the relationship with supplier sales agents, and it is their responsibility to convey how poor supplier compliance affects the customer. They don't need to be logistics professionals—they just need to understand the importance of landed cost, and its impact on customer service and overall retail profitability. The logistics organization is also responsible for communicating expectations to suppliers, such as the notification process if a supply chain failure occurs.
The finance organization benefits from a strong supply chain because reducing lead-time variability and eliminating unproductive safety stock reduces working capital requirements. Retailers also benefit from an increase in operating cash flow as they recover unexpected costs in the form of chargebacks.
Patrik Thollesson, District Vice President, Northeast, Geodis Wilson USA: Various stakeholders hold different information needed for managing suppliers. Sales has the market intelligence and customer requirements, and identifies new opportunities. Procurement handles direct supplier negotiations. Finance owns supplier approval and setup, as well as risk management and legal issues. Logistics focuses on transit times and order fulfillment.
It is not uncommon for the various functions to use different system components, which may not even be connected. Ideally, companies should take a holistic approach, and establish a compliance system that supports their corporate strategy by linking the different enterprise functions to facilitate measurability and decision-making.
It is beneficial to take a cross-functional approach to identify compliance and risk areas. A risk-based assessment that defines the most critical elements in the supplier management and compliance program can help support business continuity. Also, a central, validated data repository capturing important information from the various functions is key to minimizing the administrative work related to a supplier compliance program.
Bob Farrell, CEO, Kewill: Companies need a supplier management playbook, and departments need to understand the elements of the playbook for which they are responsible. The playbook should clearly state who has the ability to tell a supplier how and when to act. This avoids confusion and shortcuts in the processes required to maintain compliance.
Philippe Naudin, President, SDV USA Inc.: The cost of common vendor-related problems and their impact on profitability affects many departments—including operations (in the form of shipment delays), accounting (by creating extra paperwork), and sales (in managing customer complaints).
Team efforts are vital when vetting and monitoring suppliers, as their actions can affect all departments within a company. Several departments should outline and set the general requirements for vendor qualification, and establish processes to ensure compliance.
A well-defined document that spells out requirements, expectations, and penalties removes ambiguities. It can help avoid misunderstandings and create better vendor relationships.
The legal and compliance departments should monitor new laws and regulations broadcast by government agencies in the United States and overseas. Also, key departments can establish and maintain a list of approved suppliers conforming to the company's requirements.
The company should evaluate and assess suppliers periodically, and/or when a non-compliance issue occurs. Continuously monitoring suppliers is paramount to ensure their ongoing commitment to the company's values.
Alan Miller, President, TransportGistics Inc.: A successful compliance program starts with clearly defined and effectively communicated requirements. Because multiple departments have different conditions for trade, and various touchpoints at trading partner organizations, creating a cross-functional team is important.
This team, supported by an executive sponsor, should work to identify the financial impact of supplier performance, then create the policies, tactics, and metrics necessary to facilitate or remedy that behavior.
Q: What elements should a new vendor onboarding program include to help ensure compliance?
Holder, Compliance Networks: Address factors such as supplier capabilities, requirements, and allowance agreements, as well as insurance needs, W-9 forms, and EDI requirements. Also important—but often overlooked—is educating suppliers about the purchasing order lifecycle, and confirming that they understand how it can affect them financially. It's not only important to perform well, they must perform well consistently. Lead-time variability and poor fill rates are the primary reasons for companies to carry safety stock, which is a poor use of constrained working capital.
Harold Friedman DLP, Senior Vice President of Global Corporate Development, Data2Logistics: Vendor onboarding is the foundation of establishing a new relationship, and requires both vendors and buyers to invest time and effort. The process includes gathering documents and data needed to set up a company as an approved vendor, and to enable the buyer's organization to conduct business and make payments to that company. The vendor onboarding process often requires input, review, or approval from procurement, risk management, legal, finance, logistics, and accounts payable departments.
Information about shipping product—whether it is prepaid or collect—must be clear. For example, who will control the carrier selection? This is not always determined by who pays the freight.
An easy-to-use routing guide clearly outlines the carrier selection process. It should address all the relevant questions: Who are the primary, secondary, and tertiary carriers for specific routes, weights, or shipments that require special handling? What are the procedures when expedited shipping is required, and who will be liable for premium freight charges under various scenarios? What are the financial or other implications if the carrier indicated in the buyer's routing guide is not used? Will carriers be required to make delivery appointments, and, if so, how soon in advance? How will returns be handled?
Scott Cubbler, President, Life Sciences and Healthcare, Exel: It's important to provide vendors with a list of expectations and requirements, and address contingency plans and non-compliance penalties. Arrange for regular feedback, and communicate the escalation process in case problems occur.
Thollesson, Geodis Wilson USA: The onboarding program should stem from the company's supplier management and compliance program, supporting the supplier compliance strategy. The onboarding process often consists of three basic steps: pre-qualification, onboarding, and performance evaluation.
Pre-qualification should confirm that the potential supplier actually can perform the expected services. The supplier may need to sign a non-disclosure agreement (NDA) so the company can share sensitive information. Pre-qualification can include discussing geographical coverage, specialization in a given vertical market, financial profile, industry references, number of years in business, technological capabilities, insurance and business registrations, and safety and quality records.
One important element of the actual onboarding is confirming that the supplier understands the expected deliveries. This means having clear agreements with concise language, streamlined processes, and measurable key performance indicators (KPIs). Standard operating procedures should provide as much detail as needed—keep in mind that well-selected images can replace lengthy and complicated wording.
Also important is efficient internal onboarding, including setting up internal systems and training staff members on when and where to use the new supplier.
Farrell, Kewill: A new supplier onboarding program should include clearly defined and documented criteria that all suppliers must meet. The program should provide a forum for discussion, and include specific training that verifies the vendor understands the criteria.
A good onboarding program may include a questionnaire to gather relevant master data, including contact details and banking information. Some companies store and maintain this information in a vendor portal that feeds the corporate master data management systems.
Other components of a good onboarding program include a vendor due diligence review, and acceptance of trading agreements such as contracts and NDAs; code-of-conduct and corporate responsibility statements; environmental guidelines; and security assessments.
Naudin, SDV USA: The key element of onboarding is a formal contract that clearly outlines the services and/or products provided, as well as their cost, pricing structure, terms and conditions, regulatory requirements, and legal provisions.
The contract can be a key factor in mitigating risk because it dictates legally binding terms and conditions, and protects both parties' interests. It can clearly indicate compliance expectations that both parties require, as well as appropriate and enforceable consequences for violations.
Prior to signing a contract, companies should confirm that the new vendor understands and does business according to the company's code of ethics, compliance policies, procedures, and guidelines; and in accordance with all regulatory laws.
Rigorous due diligence will assist in determining the vendor's compliance with all laws and regulations applicable to the business lines that it will be managing for the company.
Visiting the vendor's site to research its policies, procedures, internal controls, training records, and audits is another effective way to verify compliance.
Transparency and disclosure are important elements of the evaluation, and should be part of the vendor's contractual obligations. The vendor should disclose any investigation or violation of trade compliance laws.
Also, review the vendor's internal documentation such as financial statements, liability insurance certificates, ethics policy, quality and safety manuals, and certifications to determine whether it is consistent with industry standards.
Miller, TransportGistics: Vendor onboarding should include a set of basic steps. Spell out your requirements clearly and concisely so the supplier is aware of your expectations, performance metrics, and common failure points. Encourage open and honest communication at each touchpoint, and bring vendors up to speed on any tools necessary to facilitate compliance.
Set up a regularly scheduled event for identifying issues and creating a path to resolution. Develop scorecards to communicate a summary of the supplier's performance. Finally, draft contracts and purchasing agreements that establish the business rules among trading partners.
Q: What metrics can companies use to measure supplier compliance, and how can they apply the data to improve operations?
Holder, Compliance Networks: The metrics that concern most retailers are on-time delivery and complete orders. They can't sell product they don't have, and it affects sales when a supplier ships late, or less than the order quantity.
Other important metrics from an expense standpoint are shipping the items ordered, and in the condition expected. When the supplier ships items the company did not order, significant time is wasted determining how to handle the merchandise. Similarly, when goods arrive outside the condition expected, additional labor is necessary to correct the situation.
Friedman, Data2Logistics: When measuring performance, companies should consider several service level agreement (SLA) KPIs. Using the primary carrier as stipulated in the buyer's routing guide is key. The use of the prescribed carrier presumably results in the lowest cost to the buyer. It also reduces loading dock congestion because the prescribed carrier is probably also delivering other goods.
On-time shipment based on mutually agreed-to lead times is also important to ensure material is available when anticipated. Incomplete orders should be measured, too, because partial shipments result in extra transportation costs, and can also disrupt production operations.
Finally, measure damaged or defective product deliveries to determine whether they represent an ongoing concern, where the damage took place, and whether the supplier needs to adjust packaging or handling processes.
Cubbler, Exel: Two major metrics are useful in measuring supplier compliance. The first is the number of open corrective actions/preventive actions (CAPAs). Every time a vendor experiences a quality issue, such as an accident or injury, incorrectly picked shipment, temperature inconsistency, or anything that could affect the shipment's quality or accuracy, it generates a CAPA. Several open CAPAs could indicate that a vendor doesn't take a robust approach to quality.
The second metric is system validation documentation, which verifies that the supplier has tested warehouse management and temperature-monitoring systems, for example, to verify they are working as intended. If a vendor can't provide system validation documentation, companies can't be certain of their compliance. Working with this vendor could put your entire operation at risk.
Thollesson, Geodis Wilson USA: A supplier performance scorecard is often beneficial. Implement an early, joint review of scorecard criteria with suppliers, because they must be aware of the role they play in your company's value chain. The supplier scorecard should be weighted based on critical elements and related risk. Specific elements may vary depending on the area in which the supplier is acting.
One metric that applies throughout various supplier areas is invoiced amount compared to expected or ordered amount. Greater accuracy between expected amount and the actual invoiced amount means a more efficient handling process and faster payments for the supplier.
Another metric that often applies to various areas is on-time delivery—not only for logistics and transportation, but also for fulfillment of any purchased goods or services. Other elements to measure are percent of defects or damages, and document accuracy.
Farrell, Kewill: Companies must make sure vendors understand the metrics related to compliance, including where and how they will gather the data, and how they will calculate the metrics. Discussing these matters up front helps save time when a problem occurs, allowing both parties to focus on the issue, and determine how to prevent it from happening again.
Naudin, SDV USA: Suppliers are chosen not only for the services they provide, but also for the expertise and capabilities they offer to create a competitive advantage for the companies they serve.
Measurement provides a way to determine what has been accomplished according to the initial business goals. Several internal and external systems can be used to evaluate supplier compliance, including key performance indicators and continuous reviews.
Common KPIs companies use to measure supplier performance can also help measure compliance, including on-time delivery, financial stability, organizational structure, geographical coverage, and reputation.
Essential to a vendor scorecard are metrics that concentrate on compliance, such as accurate documentation, security, safety, non-conformity reporting, and complaint resolutions.
Many regulations are in place for foreign trade and product safety—tied to hefty penalties for those who do not comply. It is imperative to measure a vendor's ability to deliver accurate, timely documentation. It is also at the company's discretion to decide which documents—such as labor certificates, advanced shipping notices, and importer security filings—to measure for accuracy on a vendor scorecard.
Miller, TransportGistics: An array of performance metrics exist, each specific to a company's process, core goals, and objectives. Companies need to identify the root cause of activities that both drain and boost margins; and factors that encumber and speed material and information flow through the organization. The company can then develop KPIs to address each element, communicate them to suppliers, and measure performance to these KPIs.
Some basic and universal metrics include proper execution of carrier selection, service level and mode, paperwork, and labeling preferences. Other common metrics include issues identified with shipment frequency and timing, order consolidation, communication, freight terms, insurance values, classification, delivery appointments, packaging, and customs.
Q: If compliance violations occur, how should the company and supplier work together to resolve the issue and prevent it from happening again?
Holder, Compliance Networks: The most important reaction from a retailer perspective is to automate the way supply chain failures are communicated. Without an automated notification system, problems might be solved in the distribution center, but never reported to the supplier. If the supplier does not know what issues its customer is experiencing, it can't address the situation.
Creating supplier scorecards, and meeting regularly to review the results, are also important. These actions help suppliers understand the impact of poor performance on the company's operation and sales.
Friedman, Data2Logistics: Communication and collaboration play important roles in identifying the cause of a problem. Open and candid conversations between the company and supplier can help determine the root cause of the violation.
Cubbler, Exel: Not every compliance violation is the same, and companies should be able to recognize the differences. When a company has an SLA, its managers or operators are able to clearly outline expectations to vendors. Companies with SLAs can also understand the importance of vendors in the broader quality system.
If a low-risk violation occurs, arrange for a meeting or call so the supplier can address the situation and develop the appropriate corrective action. Violations that impact safety or product integrity trigger a work stoppage and all-hands-on-deck situation.
The SLA should outline an escalation plan to follow if a serious compliance violation occurs. If the violation is important to the company, it should also be important to the supplier. Once companies have the right players on the phone or at the table, they should immediately try to rectify the situation and determine a long-term plan to prevent it from recurring.
Thollesson, Geodis Wilson USA: Objective measurements—using validated data against set KPIs—should provide an accepted starting point for the company and the supplier. A vendor compliance program should be a part of the company's quality management and business continuity systems. It is wise to issue non-conformance reports to document if vendor non-compliance has reached a set threshold, then perform a root cause analysis.
Farrell, Kewill: If the company and supplier agreed in advance on the performance data to capture, and the method for calculating metrics, they should not need to discuss the violation's validity. Instead, the two businesses can focus on understanding why the violation occurred, and how to prevent it from happening again. Then they can agree on a set of actions to resolve the issues that allowed the non-compliance to occur. They can take a "lessons learned" approach, and, where necessary, change operating processes and retrain workers.
They should also review the metrics to see if a different or amended metric could have raised awareness of the problem sooner. The issue could also warrant establishing an audit process so both partners can track whether the agreed-upon actions have been completed.
Naudin, SDV USA: The company and supplier should review the compliance violation, identify the reason it occurred, and develop and implement an action plan to ensure future compliance. They then should record and review the results of the corrective action, and share this information with all concerned parties.
Miller, TransportGistics: Despite the best planning, training, and intentions, compliance violations inevitably occur. Accepting this as a basic fact of business, the company and supplier should agree upfront on the ramifications of poor supplier performance. Then, they can work through addressing the issue, creating a solution, and measuring the results.
It is customary to impose a series of increasingly more severe penalties for repeat offenses. While some companies may use these chargebacks as a normal course of business, others may do so as a last resort. In either case, the key benefit of the chargeback is that it raises the visibility of the offending behavior inside the supplier's organization. This creates a fertile environment for focusing on the undesired behavior.
Q: What processes and technologies can help detect potential vendor performance problems and prevent them from occurring?
Holder, Compliance Networks: Process is more important than technology 100 percent of the time. When you have people involved, you layer in technology to make the engineered process faster and more efficient. Automation is essential, but you can't automate everything. People still need to perform physical audits and record results. Use technology such as tablets, RF devices, and cameras to not only record the results, but also help you know what percentage of an audit to perform on the supplier's shipment.
This Vendor Performance Classification can single out individual suppliers for additional audits based upon past performance. Previous audit results place vendors into different audit levels, effectively allocating limited resources to where they are needed most.
Some technologies use data from supply chain execution systems to help companies identify supply chain failures in an automated environment. These systems can send emails and reports to suppliers to notify them of the failure. Other systems use supply chain alerts to warn suppliers of imminent failures to attempt to prevent the problem from occurring.
Friedman, Data2Logistics: Access to a Web-based routing tool helps suppliers identify the appropriate carrier to use. Depending on the tool's level of sophistication, it will order the needed equipment or identify the carrier to select.
On the back end of the transactions, companies can test for routing guide compliance to confirm the supplier used the appropriate carrier. The cost of non-compliance is the difference between the actual transportation charges and the rate that would have been charged if the prescribed carrier had been used.
If this is an ongoing problem, the difference may be charged back to the vendor with a routing guide violations penalty. Typically, a buyer's purchase order will outline the requirement for compliance, and the penalty and mechanism for the chargeback process. But it is better if all parties put in place a comprehensive and consistent end-to-end process that each partner agrees to and follows.
Cubbler, Exel: Technology allows more visibility into vendor performance. Companies can see what's going on at a warehouse hundreds of miles away. This is particularly useful for temperature-controlled facilities; companies can receive alerts when the temperature of their products falls out of range.
Thollesson, Geodis Wilson USA: One basic recommendation is to tailor the vendor compliance management system, including the tools and technology, to the organization's size and maturity. It may be most cost-effective for a small organization to use tools such as Visio, Excel, SharePoint, and Access. A larger, more mature organization can implement dedicated supplier management systems, and work more extensively with automation and EDI.
Companies should set continuous measurements and flags for certain thresholds to ensure early detection of potential problems. It is often wise to connect electronically to vendors, either with a business-to-business setup or via a Web portal, to enable continuous data flow for performance analytics, forecasting, and contingency planning. A complete supply chain track-and-trace system—including order management and WMS visibility—can be vital.
Miller, TransportGistics: It is critical to have a well-maintained, updated, and documented receiving process incorporating both data communication and material receipt. This documented process should also include supplier performance criteria that will feed supplier performance metrics.
Technology to support process is equally important. A cloud-based routing guide enables easy access for trading partners to retrieve the most current carrier assignments and rules of engagement. Industry-leading routing guides also allow companies to track user access, receive automatic update notifications, facilitate two-way communications, and audit compliance.
Farrell, Kewill: Visibility applications can help detect potential problems and prevent them from occurring. The input to these applications must consist of the right information at the right time.
With or without visibility applications, companies must institutionalize training and organizational structure to react to an alert of a potential problem, and implement actions to rectify the situation before non-compliance occurs.
Naudin, SDV USA: Putting systems and business processes in place to detect and mitigate potential compliance issues before they occur will help achieve the business goal of reducing transportation and logistics costs.
Best-practice solutions include taking preventive action to eliminate potential problems in order to prevent their occurrence. A documented procedure should define requirements for determining potential non-conformities and their cause, evaluate the action required to prevent a problem, and develop an action plan to ensure future compliance.
Companies cannot successfully manage vendors and overcome non-compliance without integrated technology that handles the flow of purchase orders, electronic data interchange, carrier optimization, tracking, and data analytics.
Q: What are the added complexities of global supplier compliance, compared to domestic?
Holder, Compliance Networks: Global suppliers are required to do more, primarily because of customs compliance requirements. Not only are lead times much longer, but the supply chain can contain more variability because more problems can occur.
The added complexities for global compliance center on the additional data elements companies must track, and the difficulty of gaining access to those data elements. Control of those data elements tends to be siloed, and a third party outside the company's systems often holds them. Companies might have access via a portal, but receiving the data in real time is the best way to go for managing global supplier compliance and performance.
Friedman, Data2Logistics: Imported products bring with them unique attributes not found in domestic shipping. For example, the U.S. government's import regulations impose quotas, licenses, and certificates for certain goods. Import controls may exist for the material you are buying, or the countries from which they originated. Your vendor will be required to supply documentation to receive an import license or other control documents.
A key component of the import process is the correct classification of goods under the U.S. Harmonized Tariff Schedule. Although you may engage freight forwarders or customs brokers to act as your agents to ensure compliance, their mistakes belong to you.
These conditions are further complicated by Incoterms—rules intended to clearly communicate the tasks, costs, and risks associated with transporting and delivering goods. Dealing with global supplier compliance is very serious, and should be handled by a professional experienced in this area.
Cubbler, Exel: Once outside of the United States, it is significantly harder to track and ensure compliance. Global companies often envision global standards and processes, while failing to allow for varying regulations and customer requirements once exiting a country's boundaries.
This requires companies to invest in managing the expectations of global auditors, inspectors, and procurement managers so they can be forewarned about making unrealistic comparisons and assumptions to standards, which may not be practical or legal in another region of the world.
Other factors include extended shipping lead times; and varied enterprise resource planning, transportation, and warehouse management systems, which ultimately impact supply chain visibility.
Maintaining the pedigree of products by managing the touchpoints and climate conditions throughout the supply chain is extremely difficult. And customs clearance delays can cost shippers the opportunity to store products in a warehouse designed to meet long-term storage needs, and equipped with appropriate security.
Thollesson, Geodis Wilson USA: Different languages and time zones create obstacles to clear and fast communication. Different cultures and varied political and legal systems lead to even more challenges, and understanding a country's local social and business culture is a key to success.
In addition, businesses must comply with the Foreign Corrupt Practices Act and other anti-bribery laws. Can a supplier overseas work with self-service information? How can the data be validated? There may also be regional variations within the same country, such as different taxes for the same types of goods or services, depending on origin and destination.
Further complexity accompanies importing or exporting regulated items, which requires different licenses or certificates. Intellectual and property rights may not be subject to the same protection in other countries, adding items the company must validate within its supplier management and compliance program.
With local presence and business knowledge, a global supplier can often support country-to-country shipment requirements, providing visibility to the global supply chain. This may facilitate supplier compliance if operating within a global system for sharing the same data.
Farrell, Kewill: Companies not used to operating globally may encounter issues related to making contact with their suppliers/vendors in different time zones, and dealing with multiple currencies.
It may also be difficult to measure conformity because of external factors potentially beyond the company's or supplier's direct control, such as legislative, customs, and compliance issues.
While a supplier may have finished manufacturing the goods on time, and may have dispatched them to the port, the freight may not depart on time if shipments aren't in compliance with customs regulations.
Naudin, SDV USA: With increased government scrutiny and regulations enforcement, the stakes are high for companies trading on the international market. Compliance programs are an essential risk management tool in today's international business environment.
When dealing with a global supplier, companies must adhere to the various laws and regulations in each location, as well as customs' import/export specifications, and the area's culture, ethics, language, and government.
In addition, when supply extends beyond domestic borders, the level of security has a large impact on the business relationship. Risk management may be more difficult—and more costly—to control. To support planning, it is beneficial to know the risks involved.
Regulatory compliance programs may vary by region to meet local and international regulatory agency requirements. On a local level, each individual office must follow applicable law for the relevant city, state, province, region, or locality.
In the event that official trade sanctions, embargoes, or other known export/import controls impact the legal environments of other countries, the trading division must seek clear and formal advice from the relevant legal departments.