Complying with the EU Corporate Sustainability Reporting Directive (CSRD)

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Complying with the EU Corporate Sustainability Reporting Directive (CSRD)involves several key steps and considerations for businesses. The CSRD significantly expands the sustainability reporting requirements for companies in the EU. Here’s a guide to what your business needs to do: 

 Understand the Scope and Applicability

  • Determine Eligibility: The CSRD applies to all large companies, whether they are publicly listed or not. Specifically, it targets companies with more than 500 employees. 
  • Timeline Awareness: Be aware of when the CSRD requirements will apply to your business. The directive is expected to be applied in stages starting from 2024 for reports published in 2025. 

 Develop Robust Data Collection Systems

  • Data Collection and Management: Establish or enhance systems for collecting a wide range of ESG (Environmental, Social, and Governance) data. This includes environmental impact, social practices, and governance structures. 
  • Technology Integration: Consider implementing technology solutions that can help in accurately collecting and managing sustainability data.

Align Reporting with CSRD Requirements

  • Understand Reporting Criteria: Familiarize yourself with the specific reporting standards and formats that the CSRD mandates. This includes details on sustainability-related matters such as environmental protection, social responsibility, and treatment of employees. 
  • External Standards and Frameworks: Align your reporting with recognized sustainability frameworks and standards that are consistent with CSRD requirements. 

Integrate Sustainability into Business Strategy

  • Strategic Alignment: Ensure that your company’s strategy reflects a commitment to sustainability, as the CSRD aims for sustainability to be integrated into the business model. 
  • Stakeholder Engagement: Engage with stakeholders, including employees, customers, and suppliers, to understand their perspectives and incorporate their feedback into your sustainability practices. 

Establish a Sustainability Governance Structure

  • Governance Framework: Set up a governance framework for sustainability reporting, ensuring that there is oversight and accountability within the organization. 
  • Training and Awareness: Train relevant staff on CSRD requirements and the importance of sustainability reporting. 

Prepare for Assurance and Verification

  • Assurance Readiness: Prepare for external assurance of your sustainability reporting, as the CSRD requires assurance on the reported sustainability information. 
  • Transparency and Accountability: Focus on the accuracy and transparency of your reporting to build trust with stakeholders and comply with the directive. 

Stay Informed and Adapt

  • Regulatory Updates: Stay updated on any changes or updates to the CSRD and related regulations. 
  • Continuous Improvement: Regularly review and update your sustainability practices and reporting to ensure ongoing compliance and improvement. 

Communicate and Disclose

  • Effective Communication: Develop a communication plan to effectively disclose sustainability information both internally and externally. 
  • Report Preparation: Prepare your sustainability reports in line with CSRD guidelines and ensure they are accessible to stakeholders. 

Conclusion
Compliance with the CSRD is not just a regulatory requirement; it’s an opportunity to embed sustainability into the core of your business operations. By taking these steps, businesses can not only comply with the directive but also demonstrate their commitment to sustainable development and corporate responsibility. 

Corporate Sustainability Due Diligence Directive (CSDDD)

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Corporate Sustainability Due Diligence Directive (CSDDD) requires a comprehensive approach from businesses. The CSDDD aims to ensure that companies operating in the EU market address and mitigate adverse impacts on human rights and the environment within their operations and supply chains. Here’s a guide on what your business needs to do: 

Understand the Directive and Its Scope

  • Determine Applicability: The CSDDD applies to large companies operating in the EU market. This includes EU companies with significant turnover and a certain number of employees, as well as non-EU companies with substantial business in the EU. 
  • Scope of Operations: Understand that the directive covers your operations, your subsidiaries, and your supply chain, including indirect business relationships.

Conduct Thorough Due Diligence

  • Risk Assessment: Carry out a thorough risk assessment to identify actual and potential adverse impacts on human rights and the environment in your operations and supply chains. 
  • Action Plan: Develop and implement an action plan to address, prevent, and mitigate identified risks. 

Engage with Affected Stakeholders

  • Stakeholder Engagement: Actively engage with potentially affected groups, including workers, local communities, and other relevant stakeholders, to understand their concerns and perspectives. 
  • Feedback Mechanisms: Establish and maintain a system for receiving and addressing feedback or complaints from affected stakeholders. 

Implement Effective Governance Structures

  • Responsibility and Oversight: Assign responsibility for due diligence at a high governance level within your organization. 
  • Training and Awareness: Ensure employees and management are trained and aware of the due diligence requirements. 

Ensure Transparency and Reporting

  • Public Reporting: Prepare and publicly disclose an annual report on your due diligence policies, processes, findings, and actions taken. 
  • Transparent Communication: Be transparent about the challenges and limitations faced in addressing adverse impacts. 

Monitor, Evaluate, and Update Due Diligence Practices

  • Continuous Monitoring: Regularly monitor the effectiveness of your due diligence measures. 
  • Regular Updates: Update your due diligence processes as needed based on monitoring results and evolving risks. 

Prepare for Legal Compliance and Liability

  • Legal Compliance: Understand and comply with the legal obligations under the CSDDD, including civil liability provisions. 
  • Documenting Compliance: Keep thorough records of your due diligence efforts to demonstrate compliance. 

Establish End-to-End Supply Chain Management

  • Supply Chain Collaboration: Work collaboratively with suppliers and business partners to ensure they understand and comply with the CSDDD requirements. 
  • Contractual Clauses: Include appropriate clauses in contracts with suppliers and business partners to ensure compliance with due diligence obligations. 

Develop a Responsive Strategy for Identified Risks

  • Mitigation and Remediation: Develop strategies to mitigate any adverse impacts and provide for remediation where harm has occurred. 
  • Ending Relationships: Be prepared to end business relationships if mitigation of adverse impacts is not possible. 

Conclusion
Compliance with the CSDDD is a crucial step towards responsible and sustainable business practices. By integrating due diligence into your business operations and addressing potential adverse impacts on human rights and the environment, your company not only adheres to regulatory requirements but also contributes positively to societal and environmental well-being. 

Evolving Corporate Sustainability Regulations

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

Corporate sustainability has gained unprecedented importance in the face of global challenges like climate change and human rights issues. Businesses are increasingly held accountable for their environmental degradation and social impacts. Legislative and regulatory changes are redefining corporate responsibilities towards sustainability, moving beyond voluntary initiatives to mandatory compliance.

From EU regulations such as the Corporate Sustainability Reporting Directive (CSRD) to the global standards of the International Sustainability Standards Board (ISSB) and the Task Force on Climate-related Financial Disclosures (TCFD),  the reporting landscape is transitioning at lightning speed.

The Council and the European Parliament reached a provisional deal on the Corporate Sustainability Due Diligence Directive (CSDDD), which aims to enhance the protection of the environment and human rights in the EU and globally. The due diligence directive will set obligations for large companies regarding actual and potential adverse impacts on human rights and the environment, with respect to their own operations, those of their subsidiaries, and those carried out by their business partners.

Which regulations apply to you?

Key Frameworks: The CSDDD, CSRD, ISSB, and TCFD represent significant legislative and regulatory shifts, mandating comprehensive sustainability practices and reporting.

Implications for Organizations: These frameworks signal a shift from voluntary to mandatory sustainability practices, emphasizing transparency, accountability, and long-term planning.

Read more over the next few days as we provide insight into CSRD, ISSB, TCFD, and the CSDDD.

TYS Lunch & Learn Episode 1- Navigating Supply Chain Risks: Insights from Trust Your Supplier’s Nick Picone

In the ever-evolving landscape of procurement, understanding and mitigating risks have become paramount for businesses seeking sustained success. In the inaugural episode of “TYS Lunch & Learn,” hosted by Fatima Lacanlale, Nick Picone, VP of Advisory Practice at Trust Your Supplier, sheds light on critical aspects of digital transformation, supply chain dynamics, and the future of how to mitigate risk in procurement. 

Unlocking the World of Risks:
Nick, a seasoned professional with nearly two decades of experience in the business software industry, delves into the intricacies of supplier risks, particularly focusing on financial vulnerabilities. With companies facing historic acceleration in interest rates, small and medium-tier suppliers are grappling with financial stress. The result? A significant increase in bankruptcies, posing a substantial threat to supply chain continuity. 

Nick emphasizes the need for organizations to grasp the impending challenges, with $4 trillion of debt expected to roll over at much higher rates in the next four years. Small and medium-tier suppliers, often crucial to a company’s operations, are likely to bear the brunt. To address this, businesses must act swiftly, collaborating with suppliers to mitigate risks or exploring alternative sourcing strategies. 

The Power of Visibility and Clean Data:
A recurring theme in the conversation is the importance of visibility and clean data. Nick asserts that clean, segmented data forms the foundation for achieving comprehensive visibility across the supplier base. The ability to augment this data with real-time insights from third parties and take actionable steps is essential.  

Trust Your Supplier (TYS) emerges as a solution that empowers businesses with the agility to navigate these challenges, offering a single, unified platform for data security, governance, and risk management. 

Actionable Steps for a Resilient Future:
Nick provides actionable steps for businesses looking to enhance their visibility and mitigate risks. The key lies in intellectual curiosity and collaboration. Leadership within organizations must engage in internal dialogues and collaborate with external providers like TYS to understand and solve the complex problems associated with procurement risks. The adoption of modern technology, including blockchain platforms, is pivotal in achieving control over data, fostering trust, and ensuring transparency—an approach that Trust Your Supplier advocates. 

In conclusion, this episode underscores the critical need for businesses to proactively address risks in their supply chain. By leveraging technology, fostering collaboration, and staying intellectually curious, organizations can not only navigate the challenges posed by financial uncertainties but also build a resilient supply chain that stands the test of time. Stay tuned for more insights and expert discussions in future episodes of ” Lunch & Learns.” 

Navigating Data Governance in Supply Chain Management: The Critical Role of Supplier Segmentation

by Michelle Armstrong, TYS Global VP of Value Solutions Consultant

In today’s global business environment, managing supply chain risks and ensuring compliance with both regional and global regulations is more challenging than ever. Central to this challenge is the effective governance of supplier data, which encompasses a wide range of aspects from contracts and insurance to audits and purchase orders. This blog explores the importance of utilizing supplier segmentation as a strategic tool in managing data governance and mitigating risks. 

Understanding Supplier Segmentation: 

Supplier segmentation is the process of categorizing suppliers based on various criteria such as spend, risk, strategic importance, and compliance. This segmentation allows organizations to apply different management techniques and resources based on the category of the supplier. 

Enhancing Data Governance through Supplier Segmentation

>Revalidation of Data: Regular revalidation of supplier data is essential for maintaining its accuracy and relevance. Segmentation helps prioritize which suppliers require more frequent or detailed revalidation processes. 

>Risk Assessment: Different suppliers pose different levels of risk. Segmentation allows for tailored risk assessment strategies, focusing more intensely on high-risk or high-impact suppliers.

Compliance with Global and Regional Regulations

>Understanding Regulatory Landscape: Each segment of suppliers may be subject to different regulatory requirements based on their location, size, or industry. 

>Customized Compliance Strategies: Segmentation enables the development of compliance strategies that are specifically tailored to the regulatory requirements of different supplier groups. 

Third-Party Risk Management

>Identifying and Monitoring Risks: Effective segmentation helps identify the various risks associated with each supplier group and setting up appropriate monitoring mechanisms. 

>Proactive Risk Mitigation: By understanding the risk profile of each segment, companies can proactively develop mitigation strategies.

Contract Management and Insurance

>Tailored Contract Strategies: Different supplier segments may require different contract terms and conditions based on the level of engagement and risk involved. 

>Insurance Requirements: Supplier segmentation helps in determining appropriate insurance requirements and levels of coverage for different supplier categories. 

Audits and Purchase Orders

>Audit Planning: Segmentation aids in planning audits, focusing resources on high-risk or high-value suppliers. 

>Streamlining Purchase Orders: By understanding the nature and requirements of each segment, companies can streamline their purchase order processes for efficiency and compliance. 

Conclusion

In the complex and ever-evolving world of global supply chain management, supplier segmentation stands out as a vital tool for effective data governance. It not only ensures compliance and mitigates risks but also optimizes resources and enhances operational efficiency. As businesses continue to navigate the intricacies of global and regional regulations, the strategic use of supplier segmentation will be a key factor in their success. 

Want to learn more? Let’s talk!

 *** 

Trust Your Supplier (TYS) is a Small, Minority and Woman owned business with a global reach offering an innovative blockchain-based solution for supplier and risk management to large and mid-size enterprises. By harnessing the immutability of the blockchain, TYS ensures daily monitoring, historical, predictive, and prescriptive risk insights, enabling trusted data exchange and workflow automation beyond traditional boundaries. This distributed ledger technology fosters transparency, efficiency, and empowerment for businesses to effectively manage suppliers and mitigate risks.  

FAQ: How do questionnaires play a role in supplier compliance & risk management?

Frequently Asked Question: How do questionnaires play a role in supplier compliance & risk management?

How do questionnaires play a role in supplier compliance & risk management?   Trust Your Supplier (TYS) questionnaire features range from supplier self-audit forms to predictive questionnaires. 

Learn more about these and other questionnaire features with these resources: 

TYS Questionnaire Features Infographic 

The “Q” Word blog post

Unlocking the Potential of Data-Driven Procurement Teams with Actionable Insights

by Michelle Armstrong, Chief Relationship Officer

Pssst… The secret to unlocking the full potential of procurement lies in embracing the power of data. With a wealth of raw information at our fingertips, it’s crucial to transform this data into actionable insights that fuel informed decision-making. Learn how to satisfy your thirst for actionable procurement data by leveraging cutting-edge tools and strategies to turn raw information into valuable insights that propel your procurement operations to new heights. 

Rob Handfield, a distinguished professor of supply chain management, emphasizes that digital transformation in procurement is only possible with clean data. When discussing procurement data, we’re really talking about the importance of usable, clean data. 

Despite the vast amounts of data captured, only about 5% is analyzed. With the rapid growth of emerging technologies, we have more data than ever, yet we need more insight. So, how can we convert this information into intelligence? 

Visualizing a New World of Data 

Data visualization is a game-changer in making complex data more accessible and understandable. By presenting data in a visually engaging format, procurement teams can quickly identify patterns, trends, and relationships that might be concealed within raw data. Utilizing data visualization tools like interactive dashboards and detailed reports allows valuable insights to be easily communicated and understood, empowering teams to make data-driven decisions. 

Moreover, data visualization can help procurement professionals monitor key performance indicators (KPIs) in real-time, track supplier performance, and identify potential bottlenecks in the supply chain. By embracing this visual approach, organizations can transform their procurement processes and drive efficiency across the board. 

Collaborative Minds, United Goals 

To unlock the full potential of procurement data, it’s crucial to involve diverse perspectives and expertise. Cross-functional teams, composed of members from various departments, can work together to analyze data and develop innovative solutions. This collaborative approach enables organizations to leverage their employees’ unique skills and knowledge, fostering a culture of open communication and teamwork. 

By breaking down silos and encouraging collaboration, organizations can tap into the collective wisdom of their workforce and drive data-driven decision-making across the enterprise. This united effort leads to more effective procurement strategies and promotes a culture of continuous improvement and innovation. 

Embracing the Power of Predictive Analytics and Machine Learning 

The combination of predictive analytics and machine learning offers a powerful toolset for procurement teams to uncover hidden insights and make more informed decisions. By analyzing historical data, these advanced techniques can identify trends, forecast future outcomes, and recommend actions to optimize procurement processes. 

For instance, procurement teams can use predictive analytics to optimize inventory levels by identifying patterns in demand and adjusting stock levels accordingly. This ensures organizations balance carrying costs and stock availability, ultimately reducing waste and improving efficiency. 

Similarly, predictive analytics can help identify supplier risks by analyzing factors such as financial stability, delivery performance, and compliance. This enables procurement teams to proactively mitigate risks and maintain a resilient supply chain. 

Machine learning can further enhance procurement decision-making by continuously learning from data and refining its predictions over time. This allows organizations to uncover cost-saving opportunities, streamline processes, and stay ahead of the competition in an ever-evolving market landscape. 

Cultivating a Data-Driven Culture 

In her Procurement Magazine interview, Dawn Tiura explained that procurement should be the central hub of a successful enterprise with a culture of service-driven curiosity. This mindset should also extend to mining the gold within data. 

When Satya Nadella became Microsoft’s CEO in 2014, he emphasized creating a data culture to make better decisions based on quality data. Under his leadership, Microsoft has transformed into an organization that values data-driven decision-making, recognizing the immense potential of quality data to drive innovation, efficiency, and growth. 

So, does your organization have a data culture that includes your suppliers? 

To extract the most value from your data, involving stakeholders within and outside your enterprise is crucial. The procurement department must lead in fostering a data-driven culture, harnessing the potential of technologies like AI and blockchain. 

As a service provider, your success is my priority.  

By embracing diverse perspectives, leveraging data visualization, and harnessing advanced analytics, your organization can unlock the full potential of procurement data and drive meaningful business outcomes. 

#ProcurementData #DataDrivenCulture #DataVisualization #Collaboration #PredictiveAnalytics #MachineLearning #DigitalTransformation #EmpowerProcurement #FutureOfProcurement 

The “Q” Word – Questionnaires

A favorite character in the James Bond series (other than James himself) is Q. Q always has these amazing hi-tech gadgets that save James from a certain demise at just the right time. Explosive alarm clocks, the Knife Shoe, exploding pens, a submarine Lotus Esprit, and of course the attacking sofa. He also has little patience for James and his laissez-faire attitude.  Q is cool.  

For your suppliers, what’s not cool is the “Q” word: Questionnaires.

Suppliers receive and return countless questionnaires containing dozens to hundreds of questions from each customer. Many of these questions are similar from customer to customer with slight variations and various formats. Just google “supplier questionnaires” and you’ll be overwhelmed with many template options and suggestions of what to include in your questionnaires. 

So as a procurement organization, what should you include in your questionnaires? And how do you keep them up to date? Key global risks, evolving market conditions, geopolitical issues, and new compliance mandates require revisions to your questionnaires to collect crucial pieces of information from your suppliers. This is necessary to mitigate any risk to your organization. 

Each time a company sends out a questionnaire or sends an updated questionnaire, the supplier must respond to each customer separately. The queue for having your specific questionnaire updated and returned can be quite lengthy, therefore creating a lag in the transfer of information. This lag leads to stale data and a lack of visibility to manage your company’s risk in current market conditions.

So, what’s the solution?  The “S” word: Standardization. Trust Your Supplier (TYS) has pulled together a conglomerate of major buying organizations to develop a set of questionnaires that are standardized. These questionnaires cover industry, location, and buyer-specific issues that allow each organization to assign the relevant questionnaires to their suppliers. And these questionnaires are kept updated to reflect new requirements and regulations.

Here’s an example of how it works: 

A set of questionnaires can be assigned to a supplier by a customer. Once those questionnaires have been completed and published by the supplier, the procurement team can review the answers. But there’s more!  Suppliers can then share the same completed questionnaires with other customers…with just a click of a button. So instead of sending the same 200 answers separately to each customer, the supplier now just needs to focus on any unique questions a customer may have. This dramatically reduces the supplier’s administrative burden as well as the onboarding time and keeps their information current and accurate.  

Let’s suppose this supplier has added a new product and now they are working with conflict minerals. No problem. The supplier can update the Conflict Minerals questionnaire and once published, the system will automatically notify every connected customer. The supplier’s new motto is now: “Do Once, Share with Many.”

These standardized questionnaires offer additional benefits to buyer teams. The TYS approvals workflow can be customized and automated with each questionnaire. Each answer can be “scored” based on your internal risk threshold. Any answer that does not align with your company’s preferred score will then be directed to the appropriate team role for further review and approval. This allows your team to focus on undesirable answers rather than spending time reviewing all answers.

Another TYS feature that softens the blow of the Q word is Questionnaire Groups. Depending on the supplier segmentation strategy, buyer organizations can use a targeted approach to send relevant questionnaires to a configured group of suppliers. These groups are customized by the buyer team and then assigned as a group to suppliers that fit into that category (i.e., location). This simplifies the questionnaire assignment process for the buyer team. 

And the newest TYS feature is Predictive Questionnaires. Buyer teams can create a set of rules that will predict which questionnaires should be assigned to a particular supplier. This is tremendously valuable as new compliance regulations and laws come into play throughout the world, and provides the opportunity to reach more of your supplier base without further manual outreach.

Ultimately, standardization and automation result in benefits for both supplier and buyer organizations. The reduction in the onboarding cycle time allows transactions to occur faster and there is reduced administrative effort on both sides. Buyer organizations can also then benefit from having full visibility into their supplier base for strategic decision-making and risk management.  

Check out a real example of how quickly suppliers can complete their profiles and questionnaires on the TYS system.

Assessing the Risk of a New Supplier Relationship

Supplier Relationship Management isn’t necessarily a new concept, but in today’s COVID-related, digital climate, its scope and structure should be formalized and followed diligently. Instead of a transactional interaction and a contract that gets shoved in a filing cabinet until renewal, GEP states that the nature of the vendor/supplier relationships is shifting to just that: relational. Long-term.  A constant conversation that lasts throughout the contract – not just at the endpoints.  Now, of course in any relationship there is risk. 

Without diligence or with diligence only executed at the endpoints, it is much harder to figure out where the relationship went wrong if problems occurCNN reported that the HHS’ Assistant Secretary of Preparedness and Response misappropriated the millions of dollars allocated to the Biomedical AdvanceResearch for administrative and office expenses, dubbing it the Bank of BARDA. If misappropriation and mistakes can happen in an organization with that degree of oversight, they can happen anywhere.   

Gaps in normalcy like shipping delays, business shutdowns, limited manufacturing capabilities, and a higher-than-average online population gives a fraudster the perfect opportunity to slide in. So how can you identify whether your supplier is one you can count on?  

GDC agrees with the PWC categorization risks in a supplier relationship.  The risks are broken up into five segments:  

Reputational Risk 
A reputational risk means your business’ brand is affected. This can happen when the end-user experiences a product failure or substandard quality as a result of a bad supplier.  

Resilience Risk 
Resilience risks affect the customer’s access to the product because of a bad supplier. This can happen if a crucial part of your product is missing, and you must deem it out of stock. 

Data Security and Privacy Risk  
63% of data breaches happen from third party access, so strict security measures should be enforced in order to prevent stolen customer, employee, or partner data  

Regulatory Risk 
Regulatory risks happen when a business violates the country- or jurisdiction-specific compliance requirements for outsourcing or signing with a supplier.  

Commercial risk
Commercial risk can happen when supplier failure results in inaccurate or over billing, or when the costs of the supplier partnership is larger than the profit.  

Now that you know your risks, it is time to think about how to solidify your process for supplier management and risk prevention.  

Luckily, there are a few best practices and guidelines out there to lay the groundwork 

Vendor Selection 
This is where we come in. Global Data Consortium is a data-as-a-service company that delivers real-time, locally sourced business verification for financial institutions around the globe to combat reputational, regulatory, and commercial risksWhen you use GDC’s Know Your Business solution, you can choose from three types of checks with varying levels of verification and customizable match rules to meet whatever level of compliance your organization requires.  

The key to a successful supplier relationship is to never let the bad ones get to you in the first place.  Whether you’re seeking to verify the legitimacy of a potential supplier, conduct a risk analysis, or confirm the beneficial owners and directors, GDC’s KYB solution helps you kick your supplier relationship management process off with a head start.  

Contract  
Setting a contract up with your supplier means setting expectations up with your supplier. Make sure both parties are aware of the duration of the partnership, quantity of work, and quality of service expected.  

Vendor Management 
As stated above, the nature of a supplier relationship is shifting. Monitor your partnership throughout the life of it and keep an open line of communication.  

Contingency Planning 
Even with all the precautions listed above, things can still go wrong. If a supplier falls through, have a backup plan so you can still avoid a resilience risk.  

And there you have it! Although every organization has its own structure, these best practices should set the groundwork for what will be an exceptional supplier relationship management process.  

Want to start your supplier relationship management process off on the right foot? Check out our page to learn more about how GDC’s Know Your Business solution can help you minimize Regulatory, Reputational, and Commercial risks for a supplier relationship you can be confident in.