Skip to main content
Find a Lawyer

Extending Compliance Programs to Suppliers Part 1

An issue that is coming up more frequently in the context of vendor relationships is whether or not the purchaser should insist that its vendors and other parties involved in the supply chain process should be subject to specified elements of the purchaser's own global compliance rules and procedures. It is clear that with increased use of rapid communications technologies and sophisticated logistics tools, companies are becoming more dependent on the skills and actions of outside firms and persons who are not their employees. As such, it is understandable that companies may be concerned about whether their domestic and foreign partners are adhering to ethical principles and obeying applicable laws. However, before extending the scope of their compliance programs to their suppliers companies must carefully evaluate the legal consequences associated with that decision, including the possibility that they will be held responsible for liabilities arising from supplier legal problems.

In addition to legal considerations companies are also becoming increasingly sensitive to how the business practices of their partners, particularly foreign vendors, may reflect on how they are perceived by regulators, customers and investors. For example, US companies have come under strong criticism when it is disclosed that they have used overseas suppliers that have used child and/or forced labor in their manufacturing activities on behalf of their US customers. In fact, states such as California have adopted new laws and regulations that mandate more "transparency" in supply chains by requiring that companies conducting a certain minimum volume of business in their state disclose their policies and procedures with regard to auditing the personnel practices of their suppliers (for an example of a disclosure statement see Gutterman, Business Transactions Solution section 37:150.50.). In light of how the business conduct and practices of third parties can expose companies to legal liability and/or have an adverse impact on their image and reputation it comes as no surprise that they are considering and implementing various strategies for making sure that the rules and principles in their corporate compliance programs are applicable to their business partners (i.e., suppliers and contractors performing various activities such as customer service and maintenance).

One basic step that should always be taken is to include standard language in every contract with an outside party that creates a contractual duty on that party to comply with all applicable laws and regulations and spells out specific areas of concern (e.g., the FCPA in the case of foreign parties dealing with local government officials). Beyond that, however, companies are beginning to create their own standards for supplier activity and integrating those into how they create and manage their supplier relationships. For example, the company may issue ethics guidelines in connection with procurement activities that provide guidance for managers and employees that may be involved in selecting vendors for goods and services needed by the company for its operations. See Gutterman, Business Transactions Solution section 37:151. In addition, a company may promulgate a social and environmental responsibility policy for its suppliers. See Gutterman, Business Transactions Solution section 37:152. This policy becomes a public statement of the values and business practices that the company seeks in its supplier group and a de facto checklist for the due diligence that company personnel are expected to do before entering into a relationship with a new supplier. The requirements and expectations in such a policy can then be made a part of the formal contractual arrangement between the parties through the use of a supplier social and environmental responsibility agreement.

Company policies regarding social and environmental responsibility are often derived from industry-wide efforts to develop, and build a consensus for, standards for socially responsible business practices that would apply to all participants in a supply chain regardless of their size or where they are located. An example of such an approach is the Electronic Industry Code of Conduct initially released in October 2004 following collaboration by some of the major manufacturers in the electronics industry. This Code of Conduct becomes the basis for company-specific policies that include standards for labor, health and safety, environmental matters, and business ethics. In addition, companies electing to comply with the Code of Conduct would be expected to establish and maintain an acceptable system of internal controls and procedures to ensure that they carry out their business activities in a manner that meets or exceeds the specific standards in each area. The Code of Conduct has been updated and revised several times since its initial release and the latest version can be accessed through the website of the Electronic Industry Citizenship Coalition.

While imposing compliance standards on partners in the supply chain seems to make a lot of sense, and may have actually become a mandate to fulfill specific legal obligations, a word of caution is in order for those companies adopting such an approach. One obvious potential problem, especially with suppliers in remote foreign countries, is making sure that adequate resources are invested in actual monitor of supplier activities and enforcement of the standards set forth in policies and supplier agreements. One of the reasons for including third parties within a compliance umbrella is the ability to represent to regulators, customers and investors that the company is indeed a good "corporate citizen" and deals only in goods and services that have been produced in accordance with the highest legal and ethical standards.

If it turns out that their vendors fail to follow those standards the company runs the risk that its own reputation will be tarnished, particularly if it can argued that the company did not adequately monitor a vendor's activities. It is important therefore for companies to use their contractual audit rights and take other reasonable steps to monitor their suppliers including regular visits to supplier facilities to observe the effectiveness of the supplier's efforts to adhere to labor and environmental standards (for an example of audit procedures, see Specialty Form at section 37:153.30). In fact, failure to do so might even be perceived as a breach of an unexpected duty to a third party such as a customer injured by products provided by the supplier or even employees of the supplier. Potential problems of this type should be managed by including language in policies or supplier agreements that expressly deny that anything therein is intended to create duties to and rights in favor of third parties. The content and conduct of the audit process should be driven by objectives standards for suppliers that set out basic expectations with respect to fundamental issues such as voluntary labor, labor hours, hiring and employment practices, compensation, freedom of association and collective bargaining, dormitories and canteens, and the environment. See Specialty Form at section 37:153.70.


Alan S. Gutterman is the founder and principal of Gutterman Law & Business (http://www.alangutterman.com), a leading provider of timely and practical legal and business information for attorneys, other professionals and executives in the form of books, online content, webinars, videos, podcasts, newsletters and programs that also offers legal and training services to businesses of all sizes around the world. Mr. Gutterman has three decades of experience as a partner and senior counsel with internationally recognized law firms counseling small and large business enterprises in the areas of general corporate and securities matters, venture capital, mergers and acquisitions, international law and transactions, strategic business alliances, technology transfers and intellectual property, and has also held senior management positions with several technology-based businesses including service as the chief legal officer of a leading international distributor of IT products headquartered in Silicon Valley and as the chief operating officer of an emerging broadband media company. All editions of the Business Counselor Advisor are compiled into Business Counselor Update, which is released monthly and available along with other publications by Mr. Gutterman on the Thomson Reuters Legal Solutions site and through Westlaw Next at Business Counselor. Mr. Gutterman can be reached at agutterman@alangutterman.com.

Was this helpful?

Copied to clipboard