Complying with the EU Corporate Sustainability Reporting Directive (CSRD)

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Complying with the EU Corporate Sustainability Reporting Directive (CSRD) involves several key steps and considerations for businesses. The CSRD significantly expands the sustainability reporting requirements for companies in the EU. Here’s a guide to what your business needs to do:

 Understand the Scope and Applicability

  • Determine Eligibility: The CSRD applies to all large companies, whether they are publicly listed or not. Specifically, it targets companies with more than 500 employees. 
  • Timeline Awareness: Be aware of when the CSRD requirements will apply to your business. The directive is expected to be applied in stages starting from 2024 for reports published in 2025. 

 Develop Robust Data Collection Systems

  • Data Collection and Management: Establish or enhance systems for collecting a wide range of ESG (Environmental, Social, and Governance) data. This includes environmental impact, social practices, and governance structures. 
  • Technology Integration: Consider implementing technology solutions that can help in accurately collecting and managing sustainability data.

Align Reporting with CSRD Requirements

  • Understand Reporting Criteria: Familiarize yourself with the specific reporting standards and formats that the CSRD mandates. This includes details on sustainability-related matters such as environmental protection, social responsibility, and treatment of employees. 
  • External Standards and Frameworks: Align your reporting with recognized sustainability frameworks and standards that are consistent with CSRD requirements. 

Integrate Sustainability into Business Strategy

  • Strategic Alignment: Ensure that your company’s strategy reflects a commitment to sustainability, as the CSRD aims for sustainability to be integrated into the business model. 
  • Stakeholder Engagement: Engage with stakeholders, including employees, customers, and suppliers, to understand their perspectives and incorporate their feedback into your sustainability practices. 

Establish a Sustainability Governance Structure

  • Governance Framework: Set up a governance framework for sustainability reporting, ensuring that there is oversight and accountability within the organization. 
  • Training and Awareness: Train relevant staff on CSRD requirements and the importance of sustainability reporting. 

Prepare for Assurance and Verification

  • Assurance Readiness: Prepare for external assurance of your sustainability reporting, as the CSRD requires assurance on the reported sustainability information. 
  • Transparency and Accountability: Focus on the accuracy and transparency of your reporting to build trust with stakeholders and comply with the directive. 

Stay Informed and Adapt

  • Regulatory Updates: Stay updated on any changes or updates to the CSRD and related regulations. 
  • Continuous Improvement: Regularly review and update your sustainability practices and reporting to ensure ongoing compliance and improvement. 

Communicate and Disclose

  • Effective Communication: Develop a communication plan to effectively disclose sustainability information both internally and externally. 
  • Report Preparation: Prepare your sustainability reports in line with CSRD guidelines and ensure they are accessible to stakeholders. 

Conclusion
Compliance with the CSRD is not just a regulatory requirement; it’s an opportunity to embed sustainability into the core of your business operations. By taking these steps, businesses can not only comply with the directive but also demonstrate their commitment to sustainable development and corporate responsibility. 

Corporate Sustainability Due Diligence Directive (CSDDD)

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Complying with the Corporate Sustainability Due Diligence Directive (CSDDD) requires a comprehensive approach from businesses. The CSDDD aims to ensure that companies operating in the EU market address and mitigate adverse impacts on human rights and the environment within their operations and supply chains. Here’s a guide on what your business needs to do:

Understand the Directive and Its Scope

  • Determine Applicability: The CSDDD applies to large companies operating in the EU market. This includes EU companies with significant turnover and a certain number of employees, as well as non-EU companies with substantial business in the EU. 
  • Scope of Operations: Understand that the directive covers your operations, your subsidiaries, and your supply chain, including indirect business relationships.

Conduct Thorough Due Diligence

  • Risk Assessment: Carry out a thorough risk assessment to identify actual and potential adverse impacts on human rights and the environment in your operations and supply chains. 
  • Action Plan: Develop and implement an action plan to address, prevent, and mitigate identified risks. 

Engage with Affected Stakeholders

  • Stakeholder Engagement: Actively engage with potentially affected groups, including workers, local communities, and other relevant stakeholders, to understand their concerns and perspectives. 
  • Feedback Mechanisms: Establish and maintain a system for receiving and addressing feedback or complaints from affected stakeholders. 

Implement Effective Governance Structures

  • Responsibility and Oversight: Assign responsibility for due diligence at a high governance level within your organization. 
  • Training and Awareness: Ensure employees and management are trained and aware of the due diligence requirements. 

Ensure Transparency and Reporting

  • Public Reporting: Prepare and publicly disclose an annual report on your due diligence policies, processes, findings, and actions taken. 
  • Transparent Communication: Be transparent about the challenges and limitations faced in addressing adverse impacts. 

Monitor, Evaluate, and Update Due Diligence Practices

  • Continuous Monitoring: Regularly monitor the effectiveness of your due diligence measures. 
  • Regular Updates: Update your due diligence processes as needed based on monitoring results and evolving risks. 

Prepare for Legal Compliance and Liability

  • Legal Compliance: Understand and comply with the legal obligations under the CSDDD, including civil liability provisions. 
  • Documenting Compliance: Keep thorough records of your due diligence efforts to demonstrate compliance. 

Establish End-to-End Supply Chain Management

  • Supply Chain Collaboration: Work collaboratively with suppliers and business partners to ensure they understand and comply with the CSDDD requirements. 
  • Contractual Clauses: Include appropriate clauses in contracts with suppliers and business partners to ensure compliance with due diligence obligations. 

Develop a Responsive Strategy for Identified Risks

  • Mitigation and Remediation: Develop strategies to mitigate any adverse impacts and provide for remediation where harm has occurred. 
  • Ending Relationships: Be prepared to end business relationships if mitigation of adverse impacts is not possible. 

Conclusion
Compliance with the CSDDD is a crucial step towards responsible and sustainable business practices. By integrating due diligence into your business operations and addressing potential adverse impacts on human rights and the environment, your company not only adheres to regulatory requirements but also contributes positively to societal and environmental well-being. 

Evolving Corporate Sustainability Regulations

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Corporate sustainability has gained unprecedented importance in the face of global challenges like climate change and human rights issues. Businesses are increasingly held accountable for their environmental degradation and social impacts. Legislative and regulatory changes are redefining corporate responsibilities towards sustainability, moving beyond voluntary initiatives to mandatory compliance.

From EU regulations such as the Corporate Sustainability Reporting Directive (CSRD) to the global standards of the International Sustainability Standards Board (ISSB) and the Task Force on Climate-related Financial Disclosures (TCFD), the reporting landscape is transitioning at lightning speed.

The Council and the European Parliament reached a provisional deal on the Corporate Sustainability Due Diligence Directive (CSDDD), which aims to enhance the protection of the environment and human rights in the EU and globally. The due diligence directive will set obligations for large companies regarding actual and potential adverse impacts on human rights and the environment, with respect to their own operations, those of their subsidiaries, and those carried out by their business partners.

Which regulations apply to you?

Key Frameworks: The CSDDD, CSRD, ISSB, and TCFD represent significant legislative and regulatory shifts, mandating comprehensive sustainability practices and reporting.

Implications for Organizations: These frameworks signal a shift from voluntary to mandatory sustainability practices, emphasizing transparency, accountability, and long-term planning.

Read more over the next few days as we provide insight into CSRD, ISSB, TCFD, and the CSDDD.

TYS Podcast S2E1- Navigating Supply Chain Risks

In the ever-evolving landscape of procurement, understanding and mitigating risks have become paramount for businesses seeking sustained success. In the inaugural episode of “TYS Lunch & Learn,” hosted by Fatima Lacanlale, Nick Picone, VP of Advisory Practice at Trust Your Supplier, sheds light on critical aspects of digital transformation, supply chain dynamics, and the future of how to mitigate risk in procurement. 

Unlocking the World of Risks:
Nick, a seasoned professional with nearly two decades of experience in the business software industry, delves into the intricacies of supplier risks, particularly focusing on financial vulnerabilities. With companies facing historic acceleration in interest rates, small and medium-tier suppliers are grappling with financial stress. The result? A significant increase in bankruptcies, posing a substantial threat to supply chain continuity. 

Nick emphasizes the need for organizations to grasp the impending challenges, with $4 trillion of debt expected to roll over at much higher rates in the next four years. Small and medium-tier suppliers, often crucial to a company’s operations, are likely to bear the brunt. To address this, businesses must act swiftly, collaborating with suppliers to mitigate risks or exploring alternative sourcing strategies. 

The Power of Visibility and Clean Data:
A recurring theme in the conversation is the importance of visibility and clean data. Nick asserts that clean, segmented data forms the foundation for achieving comprehensive visibility across the supplier base. The ability to augment this data with real-time insights from third parties and take actionable steps is essential.  

Trust Your Supplier (TYS) emerges as a solution that empowers businesses with the agility to navigate these challenges, offering a single, unified platform for data security, governance, and risk management. 

Actionable Steps for a Resilient Future:
Nick provides actionable steps for businesses looking to enhance their visibility and mitigate risks. The key lies in intellectual curiosity and collaboration. Leadership within organizations must engage in internal dialogues and collaborate with external providers like TYS to understand and solve the complex problems associated with procurement risks. The adoption of modern technology, including blockchain platforms, is pivotal in achieving control over data, fostering trust, and ensuring transparency—an approach that Trust Your Supplier advocates. 

In conclusion, this episode underscores the critical need for businesses to proactively address risks in their supply chain. By leveraging technology, fostering collaboration, and staying intellectually curious, organizations can not only navigate the challenges posed by financial uncertainties but also build a resilient supply chain that stands the test of time. Stay tuned for more insights and expert discussions in future episodes of “Lunch & Learns.”

Navigating Data Governance in Supply Chain Management: The Critical Role of Supplier Segmentation

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

In today’s global business environment, managing supply chain risks and ensuring compliance with both regional and global regulations is more challenging than ever. Central to this challenge is the effective governance of supplier data, which encompasses a wide range of aspects from contracts and insurance to audits and purchase orders. This blog explores the importance of utilizing supplier segmentation as a strategic tool in managing data governance and mitigating risks. 

Understanding Supplier Segmentation: 

Supplier segmentation is the process of categorizing suppliers based on various criteria such as spend, risk, strategic importance, and compliance. This segmentation allows organizations to apply different management techniques and resources based on the category of the supplier. 

Enhancing Data Governance through Supplier Segmentation

  • Revalidation of Data: Regular revalidation of supplier data is essential for maintaining its accuracy and relevance. Segmentation helps prioritize which suppliers require more frequent or detailed revalidation processes.
  • Risk Assessment: Different suppliers pose different levels of risk. Segmentation allows for tailored risk assessment strategies, focusing more intensely on high-risk or high-impact suppliers.

Compliance with Global and Regional Regulations

  • Understanding Regulatory Landscape: Each segment of suppliers may be subject to different regulatory requirements based on their location, size, or industry.
  • Customized Compliance Strategies: Segmentation enables the development of compliance strategies that are specifically tailored to the regulatory requirements of different supplier groups.

Third-Party Risk Management

  • Identifying and Monitoring Risks: Effective segmentation helps identify the various risks associated with each supplier group and set up appropriate monitoring mechanisms.
  • Proactive Risk Mitigation: By understanding the risk profile of each segment, companies can proactively develop mitigation strategies.

Contract Management and Insurance

  • Tailored Contract Strategies: Different supplier segments may require different contract terms and conditions based on the level of engagement and risk involved.
  • Insurance Requirements: Supplier segmentation helps in determining appropriate insurance requirements and levels of coverage for different supplier categories.

Audits and Purchase Orders

  • Audit Planning: Segmentation aids in planning audits, focusing resources on high-risk or high-value suppliers.
  • Streamlining Purchase Orders: By understanding the nature and requirements of each segment, companies can streamline their purchase order processes for efficiency and compliance.

Conclusion

In the complex and ever-evolving world of global supply chain management, supplier segmentation stands out as a vital tool for effective data governance. It not only ensures compliance and mitigates risks but also optimizes resources and enhances operational efficiency. As businesses continue to navigate the intricacies of global and regional regulations, the strategic use of supplier segmentation will be a key factor in their success. 

 *** 

Trust Your Supplier (TYS) is a Small, Minority and Woman owned business with a global reach offering an innovative blockchain-based solution for supplier and risk management to large and mid-size enterprises. By harnessing the immutability of the blockchain, TYS ensures daily monitoring, historical, predictive, and prescriptive risk insights, enabling trusted data exchange and workflow automation beyond traditional boundaries. This distributed ledger technology fosters transparency, efficiency, and empowerment for businesses to effectively manage suppliers and mitigate risks.  

FAQ: How do questionnaires play a role in supplier compliance & risk management?

Questionnaires are a vital component of supplier compliance and risk management. At Trust Your Supplier (TYS), we leverage a range of questionnaire features to ensure comprehensive and efficient supplier evaluations. Here’s how our questionnaires contribute to effective supplier management:

  1. Standardized: TYS collaborates with a consortium of major buying organizations to develop and maintain standardized questionnaires applicable across various industries. These questionnaires are regularly updated to reflect new requirements and regulations, reducing the number of questions suppliers need to answer while ensuring thorough compliance checks.
  2. Custom: Recognizing that organizations may have unique regional and global risk management needs, TYS offers custom questionnaires. These cater to specific regulatory requirements that may not be covered by standardized questionnaires, providing tailored solutions for unique compliance challenges.
  3. Questionnaire Groups: TYS allows the creation of questionnaire groups, which can combine multiple questionnaires based on common requirements such as location, product, service, or other features. This grouping simplifies the process for suppliers and ensures that all relevant compliance aspects are covered efficiently.
  4. Automated: The TYS approvals workflow can be customized and automated for each questionnaire. Each supplier answer is scored based on your internal risk thresholds. Any response that doesn’t align with the preferred score is automatically flagged for further review by the appropriate team. This automation allows your team to focus on critical issues rather than reviewing every answer, enhancing efficiency and effectiveness.
  5. Predictive: TYS enables buyer teams to create rules that predict which questionnaires should be assigned to a particular supplier. This feature is invaluable as new compliance regulations and laws emerge globally, allowing organizations to reach more suppliers without extensive manual outreach. During onboarding, suppliers can be easily assigned to the appropriate questionnaire group, ensuring relevant risk assessments are conducted seamlessly.
  6. Internal Due Diligence: Internal Due Diligence checklists are customized by your team and used to manage tasks such as procurement reviews or additional onboarding steps outside of TYS. These internal questionnaires help teams stay synchronized and ensure all necessary internal checks are completed.

By incorporating these features, TYS ensures that questionnaires play a pivotal role in managing supplier compliance and risk. They provide a structured, efficient, and comprehensive approach to evaluating and monitoring suppliers, helping organizations maintain high standards of trust, transparency, and regulatory compliance.

What Is The Real Cost Of Missing Or Inaccurate Data?

by Sai Nidamarty, Trust Your Supplier Co-Founder & CEO

Let’s get the cursory narrative regarding the cost of missing data out of the way first. 

We have all heard Peter Drucker’s business maxim, “If you can’t measure it, you can’t manage it.” It is a timeless guidepost for how we run our businesses. By the way, Peter never actually said that, but that is a story for another day.

 Then we can turn to the various articles and studies over the past few years reporting that bad or poor-quality data costs the U.S. economy $31 trillion annually. That’s a big number, and so is the finding that 90% of the world’s data was created in the last two years. 

The above are all facts and verifiable. But what do they really mean? What does missing or inaccurate data really cost on a practical, everyday level?  

There are better venues for a deep analysis than the limitations of an article or blog post. My focus today is to start a dialogue enabling you to transition data strategy from a broad horizon concept to an actionable on-the-ground understanding. In other words, you already know that data is important and that there are consequences for missing or inaccurate data. What’s needed now is to answer the question, what will you do about it? 

Data Challenges 

In an upcoming webinar, we will convene a panel of industry experts and thought leaders to closely examine data challenges from the following three critical points: 

  • Data consequence 
  • Data culture 
  • 3-Point centralized planning & supplier oversight data framework 

When we talk about “data consequence,” we are not talking about broad-stroke generalizations but a fundamental and accessible understanding of impact. 

For example, a news article reported that due to a data glitch, Hawaiian Airlines charged dozens of customers “hundreds of thousands of dollars in credit card fees.” 

One customer reported being “mistakenly charged more than $150,000,” even though they have a “$10,000 limit on their Hawaiian Miles credit card.”  

While another customer was charged $674,000 for airline tickets, others obtained free travel vouchers by paying taxes and associated fees. You can imagine the frustration when the airline canceled their flights. 

Beyond a financial mess, the airline’s reputation also took a significant hit. How do you measure that in dollars? 

Unfortunately, examples like the one above are not rare or isolated incidents limited to the travel industry. Nor do most cases present themselves in such a prominent and noticeable way. Data quality erosion is an even bigger problem because you may only recognize it once its impact is evident on a larger, less manageable scale.

Creating The Right Culture 

Given the volatility of supply networks in the post-pandemic world, it isn’t surprising to hear the C-Suite talk about supply chain visibility, resilience, and risk management. 

A recent post by Nick Picone regarding a contentious issue about inflationary price increases between a large, national grocery chain and Frito-Lay underscores the importance of data visibility and transparency. 

But how do you get to the point of leveraging tools and technology to move from data darkness to data insight and understanding? 

A May 2021 article in Procurement Insights highlighted the importance of creating a data culture starting at the C-Suite level. According to the author, CEOs must “recognize the importance of data beyond a conceptual perspective and see it in a practical bottom-line context.” Citing everything from “customer satisfaction and regulatory compliance” to employee empowerment, they make a strong case for “becoming a data-driven organization.” 

The 3-Point Supplier Data Plan  

Partner, Mitigate, Comply is at the heart of the 3-Point centralized planning & supplier oversight data framework. Going forward, I will call it the 3-Point supplier data plan.   

The 3-Point supplier data plan focuses on providing tools and data for organizations to efficiently partner with trusted suppliers, mitigate risk, and ensure ongoing compliance.  

In addition to data consequence and culture, during the upcoming webinar, the panel will get into the specifics of the above 3-Point plan highlighting how you can introduce it to your organization. Register to save your seat. 

The “Q” Word – Questionnaires

A favorite character in the James Bond series (other than James himself) is Q. Q always has these amazing hi-tech gadgets that save James from a certain demise at just the right time. Explosive alarm clocks, the Knife Shoe, exploding pens, a submarine Lotus Esprit, and of course the attacking sofa. He also has little patience for James and his laissez-faire attitude.  Q is cool.  

For your suppliers, what’s not cool is the “Q” word: Questionnaires.

Suppliers receive and return countless questionnaires containing dozens to hundreds of questions from each customer. Many of these questions are similar from customer to customer with slight variations and various formats. Just google “supplier questionnaires” and you’ll be overwhelmed with many template options and suggestions of what to include in your questionnaires. 

So as a procurement organization, what should you include in your questionnaires? And how do you keep them up to date? Key global risks, evolving market conditions, geopolitical issues, and new compliance mandates require revisions to your questionnaires to collect crucial pieces of information from your suppliers. This is necessary to mitigate any risk to your organization. 

Each time a company sends out a questionnaire or sends an updated questionnaire, the supplier must respond to each customer separately. The queue for having your specific questionnaire updated and returned can be quite lengthy, therefore creating a lag in the transfer of information. This lag leads to stale data and a lack of visibility to manage your company’s risk in current market conditions.

So, what’s the solution? The “S” word: Standardization. Trust Your Supplier (TYS) has pulled together a consortium of major buying organizations to develop a set of standardized questionnaires. These questionnaires cover industry, location, and buyer-specific issues, allowing each organization to assign the relevant questionnaires to its suppliers. The questionnaires are kept updated to reflect new requirements and regulations.

Here’s an example of how it works: 

A set of questionnaires can be assigned to a supplier by a customer. Once those questionnaires have been completed and published by the supplier, the procurement team can review the answers. But there’s more! Suppliers can then share the same completed questionnaires with other customers… with just a click of a button. So instead of sending the same 200 answers separately to each customer, the supplier now just needs to focus on any unique questions a customer may have. This dramatically reduces the supplier’s administrative burden as well as the onboarding time, and keeps their information current and accurate.

Let’s suppose this supplier has added a new product and now they are working with conflict minerals. No problem. The supplier can update the Conflict Minerals questionnaire and once published, the system will automatically notify every connected customer. The supplier’s new motto is now: “Do Once, Share with Many.”

These standardized questionnaires offer additional benefits to buyer teams. The TYS approvals workflow can be customized and automated with each questionnaire. Each answer can be “scored” based on your internal risk threshold. Any answer that does not align with your company’s preferred score will then be directed to the appropriate team role for further review and approval. This allows your team to focus on undesirable answers rather than spending time reviewing all answers.

Another TYS feature that softens the blow of the Q word is Questionnaire Groups. Depending on the supplier segmentation strategy, buyer organizations can use a targeted approach to send relevant questionnaires to a configured group of suppliers. These groups are customized by the buyer team and then assigned as a group to suppliers that fit into that category (e.g., location). This simplifies the questionnaire assignment process for the buyer team.

And the newest TYS feature is Predictive Questionnaires. Buyer teams can create a set of rules that will predict which questionnaires should be assigned to a particular supplier. This is tremendously valuable as new compliance regulations and laws come into play throughout the world, and provides the opportunity to reach more of your supplier base without further manual outreach.

Ultimately, standardization and automation result in benefits for both supplier and buyer organizations. The reduction in the onboarding cycle time allows transactions to occur faster and there is reduced administrative effort on both sides. Buyer organizations can also then benefit from having full visibility into their supplier base for strategic decision-making and risk management.  

Check out a real example of how quickly suppliers can complete their profiles and questionnaires on the TYS system.

“Glocal” Supplier Management – Balancing Global and Local Requirements

For enterprise organizations, globalization adds complexity with a need to assess suppliers across a broad spectrum of subject areas to ensure compliance with both global regulations and regional operating requirements. Local regulations and laws require procurement organizations to take into consideration any specific needs, often complicating the process of engagement or risk management. 

How do you ensure suppliers are compliant and operating responsibly no matter where they are in the world?   

Trust Your Supplier is a “Glocal” solution that allows procurement organizations to manage multiple, complex risk areas efficiently while establishing relationships with suppliers anywhere in the world. Here’s how… 

  1. Standardized Questionnaires – TYS is guided by a Governance Board of Fortune 500 companies that provided input to our standardized compliance questionnaires. By collaborating across and within industries, these questionnaires were built to support global, local and industry requirements while reducing the number of overall questions suppliers are required to complete.
  2. Custom Questionnaires – Organizations may have unique regional and global requirements for risk management. TYS offers custom questionnaires to support any regulatory requirements that may not be covered with a standardized questionnaire.
  3. Questionnaire Groups – Buyers can select any combination of questionnaires to form a Questionnaire group. These groups can be based on common requirements for location, product or service, or other features. During the onboarding process, suppliers can easily be assigned into the appropriate Questionnaire Group, simplifying the process and ensuring the relevant questionnaires are required for that supplier. This strategy targets segments of suppliers for customized risk assessments appropriate for that segment.
  4. Integrated Risk Data – TYS partners with industry-leading third-party validators that offer a variety of risk data on companies from around the world. This information is integrated into supplier profiles for an enriched view of each supplier. 

 This flexible, standardized approach, combined with integrated third-party risk data, provides procurement organizations with a 360° view of their suppliers no matter where they are located in the world.