Question: We survey our supply chains to collect information for several different regulations. How do we know or ensure we are actually compliant?
Answer: “Am I compliant?” isn’t a question with an easy answer. Often companies are hoping for a concrete benchmark to meet, such as a percentage of suppliers that must submit information, but that’s unfortunately not how it works.
The goal of compliance is for companies to understand, carry out and document the necessary due diligence associated with applicable regulations and demonstrate their efforts to meet legislative requirements. This means the process must be carried out over time, rather than meeting a one-time goal.
That said, achieving a high supplier response rate is important to overall data quality, but regulatory authorities are likely to consider broader questions, including:
- Is the compliance program ongoing and defined within a process?
- Is the program sufficient to address applicable risks?
- Is the program improving over time?
- Is the company accurately communicating regulatory information to its stakeholders?
- Is the company supported by a plan to remediate discovered non-compliance?
In essence, a company can be more confident in compliance when it exercises strong due diligence activities and invests in maintaining and improving its processes. To learn more, you can read Assent’s whitepaper on the importance of due diligence to compliance.
Article is current as of 03-20-2020.