Given the dangers of third-party risk, it’s not surprising that so many organizations have developed supplier codes of conduct. Like everything else in compliance, though, the trick is in just having one, its in having the right one.
Patty Houser (LinkedIn), Compliance Counsel at Land O’Lakes reminds us in this podcast that a supplier code of conduct should be like an internal one: set high expectations ,provide guidance and promote ethical practices. It is also a chance for the company to confirm its commitment to integrity and sound business practices.
The supplier code should be recognized as a statement to suppliers and public about what it stands for, including the company it keeps.
Going much beyond that, and getting too far into the weeds, though, is not advisable she says. There are other documents for getting into the specifics, including the terms of the contract.
When drafting a supplier code she recommends:
- Focusing on the challenges of the jurisdictions with the most risk
- Looking at what your own internal code of conduct says
- Examining supplier codes of others in your industry
- Taking the time to understand the sophistication of your suppliers
- Assessing the risks inherent in the industry
- Reviewing internationally-recognized standards
- Setting expectations and giving guidance
- Asking your suppliers for feedback to see if what you has written is workable. As she warns, “Compliance with the impossible is no compliance at all.”
Finally, don’t forget one other key audience for the supplier code: your organization’s business unit. To secure their buy in, take them back to your own code of conduct and the commitment to doing things the right way. Also, show them the risk of a supplier that doesn’t do things properly, including the reputational damage it can do to your firm.
In the end this is all about finding well qualified business partners that can both supply and protect your business.