Ian Spaulding is the Chief Executive Officer of leading global assurance partner, LRQA
The European Parliament recently approved the Corporate Sustainability Due Diligence Directive (CSDDD). This new law will require larger companies operating in the bloc to take reasonable actions to check whether their supply chains use forced labour or cause environmental damage.
In light of this, and similar legislation around the world, CEOs must now ask: How do we gain visibility of these risks and ensure ongoing compliance throughout our operations?
Meeting such heightened ESG expectations demands a proactive, digitally enabled approach to risk management. At LRQA we’ve coined this the era of ‘Assurance 4.0’.
Enhancing operational visibility
Due diligence initiatives like CSDDD will only yield worker welfare and sustainability benefits if they can be tailored to the unique requirements of suppliers in affected regions.
For this reason, there is no one size fits all solution to diligence and compliance. The approach, however, can be consistent: robust oversight of operations and processes.
Regular assessments to identify, prevent and mitigate the risks of adverse impacts on human rights and the environment in both owned operations and third-party supply chains will be essential.
US legislation such as the Uyghur Forced Labour Prevention Act, and the Securities and Exchange Commission (SEC) rules on climate disclosures underscore the urgency for this. But it’s important for businesses to put the right processes in place to collect data from suppliers and instil best practice throughout supply chains. The challenge is that fragmented supply chains and systems hinder detection, amplifying risks to organisations and their reputations.
Fragmentation can result in a lack of information and data being shared throughout the supply chain. This lack of sharing can in turn mean a lack of transparency which ultimately results in inefficiencies, a lack of responsiveness and misalignment of activities. At its worst, it can leave risks hidden within the supply chain, which, when uncovered, are a complete surprise to the business further up the chain.
Protecting data
Another risk that supply chains are exposed to is due to the increase of data processing through third-party technology partnerships across cloud, data management, hardware and software. This makes organisations more vulnerable to cyber attacks.
A report published by the Identity Theft Resource Centre (ITRC) revealed that 2023 was the worst year yet for occurrences of data breaches in the supply chain, highlighting that attacks have increased by 2,600% in six years.
The upcoming 2024 EU Digital Operational Resilience Act (DORA) will aid financial institutions manage operational risks, with organisations required to meet regulations surrounding cyber risk management, incident reporting, operational resilience and third-party risk monitoring.
Continuous assurance
A strategy of continuous assurance can help address both reputational and digital threats throughout supply chains.
Using tools like LRQA’s supply chain intelligence platform, EiQ, companies can now achieve near-time monitoring of their data along with their suppliers. This enables close observation of supply chain performance and ESG risks.
Such enhanced monitoring can facilitate a proactive approach to risk management, allowing businesses to quickly identify and mitigate any potential issues before they become a crisis.
The silver lining is that, whilst the CSDDD legislation focuses on human rights due diligence, the monitoring systems, process and reporting structures required can help to deliver a more proactive approach to monitoring all risk across operations, improving integrity and asset protection at the same time.
Data collection and benchmarking capabilities can also be a source for predictive and preventative analytics.
Building a resilient business
With the legislation now in place in the EU and US, these due diligence procedures are undoubtedly becoming the new norm for global businesses. Stakeholders, including investors, will continue to scrutinise businesses and CEOs against these benchmarks.
In an era defined by disruption, businesses that embrace Assurance 4.0 will proactively adapt to compliance challenges, gaining a competitive edge and ensuring financial stability.
Future-proofing your business using tools that can effectively leverage data to predict trends is vital in mitigating challenges even before they arise.
