Audits and questionnaires have long been relied upon for supply chain risk management. Audits involve a thorough review of a supplier's operations and are typically conducted by a third-party auditor. They help to identify potential risks and ensure compliance with regulations and standards. Questionnaires, sometimes called desk audits, are used to gather information from suppliers about their practices and procedures. A survey conducted by the Supply Chain Management Review found that 67% of organizations use audits and 54% use questionnaires for supply chain risk management.
Governments and investors are increasingly requiring companies to understand and manage risks in their supply chains. Risks range from Scope 3 emissions to forced labor. This demand is being driven by a growing recognition that supply chain risk events can have far-reaching consequences for businesses, including reputational damage, financial losses, and legal liabilities. To mitigate these risks, governments are enacting regulations that require companies to conduct due diligence on their supply chains, such as the Uyghur Forced Labor Prevention Act (passing the House of Representatives with a 428-1 vote) and the UK Modern Slavery Act. Investors are also pushing for greater supply chain transparency and risk management, with initiatives such as the CDP Supply Chain Program, which evaluates companies on their supply chain sustainability performance. As a result, companies are recognizing the importance of identifying and managing supply chain risks, and are taking steps to improve their risk management processes and increase transparency in their supply chains.
Analogue solutions like questionnaires and audits are costly, time consuming, and leave companies open to significant loss. Here’s four reasons why relying solely on these solutions is a bad strategy:
- Most surveys/questionnaires go unanswered
A survey conducted by the Ethical Trading Initiative (ETI) found that suppliers can receive up to 200 requests for information per year from different customers, leading to a significant burden on their resources. One reason is that suppliers may perceive the surveys to be time-consuming and burdensome. They may be required to complete multiple surveys from different customers, and may not have the time or resources to complete them all. Additionally, some suppliers may be reluctant to disclose sensitive information about their operations or supply chain, particularly if they perceive the information to be commercially sensitive or confidential. Suppliers may not see the value in participating in surveys, particularly if they do not see a direct benefit to their business. Suppliers are running businesses with the same time/resource constraints as their buyers.
- Site audit data is full of errors
A study published in the Harvard Business Review found that supplier audits are often ineffective at identifying human rights violations in supply chains, as auditors tend to focus on the symptoms rather than the root causes of problems. Another study by the University of Bath found that supplier audits can create a "tick-box" mentality among suppliers, where they focus on meeting the requirements of the audit rather than making meaningful improvements to their operations. Additionally, some suppliers may engage in deceptive practices to pass audits, such as hiding non-compliant practices or falsifying records. A study by the Institute of Labor Economics found that supplier site audits can be unreliable and prone to error, as auditors may not have the necessary expertise or resources to conduct thorough assessments. Additionally, some suppliers may engage in deceptive practices to pass audits, such as hiding non-compliant practices or falsifying records. Another study by the International Labour Organization found that supplier site audits can also create a "race to the bottom" among suppliers, where they compete to meet the minimum requirements of audits rather than making meaningful improvements to their operations. Buyers are missing critical data like the suppliers’ supplier data which according to regulators is of equal importance.
- Checkbox Mentality
A study by the International Labour Organization found that compliance-focused approaches, such as audits and checklists, can create a "race to the bottom" among suppliers, where they focus on meeting minimum requirements rather than addressing underlying risks. Checkbox compliance mindsets can lead to a situation where suppliers and organizations focus more on meeting minimum requirements rather than addressing underlying risks. This is a common problem with compliance programs that rely on audits and checklists to assess supplier compliance. Compliance with these requirements does not necessarily guarantee that the supplier is addressing all the risks associated with its operations, nor does it ensure that the supplier is meeting the expectations of the organization or its stakeholders. This mindset can lead to a false sense of security and a failure to identify and mitigate risks that are not captured by compliance requirements. (ILO 2019)
- Misaligned Incentives
There are often misaligned incentives for companies requiring their suppliers to answer surveys. On one hand, companies need to understand the risks in their supply chains in order to ensure compliance and protect their reputation. On the other hand, suppliers may see the surveys as a burden and may not be incentivized to provide accurate or complete responses. A study by the University of Bath found that suppliers may view surveys as a "tick-box" exercise and may only provide the minimum amount of information necessary to pass the survey. Additionally, suppliers may not have the resources or expertise to fully understand the risks in their own supply chains, making it difficult for them to provide accurate information. This misalignment of incentives can result in incomplete or inaccurate information being provided to companies, which can ultimately put the entire supply chain at risk. (Bocken et al., 2015)
Missing leading indicators that questionnaires do not catch is costly for business. For instance the cost of human rights risks in supply chains can be significant, with estimates ranging from 2% to 7% of a company's annual turnover. (International Labour Organization, 2016). Audits and questionnaires should be viewed as lagging indicators (what has already happened) and should be viewed as tools in a much bigger Supply Chain Risk Management toolbox which also includes leading indicators like big data analytics, AI, predictive models, federated supplier data, and more (what is currently or will be happening).
FRDM is a Supply Chain Risk Management (SCRM) solution helping companies identify risks to their business like modern day slavery and avoid import detentions like WROs or comply with new regulations like Germany’s LKSG. To learn more about how FRDM is helping businesses drive more value out of their SCRM efforts with leading indicators go here.