As we approach the end of conflict minerals compliance year 4 (with 3 years of reports behind us), companies are budgeting for how they will address conflict minerals in 2017. Since the SEC rule took effect, supply chain professionals and in-house lawyers have found that compliance is complicated, time-consuming, and still changing because of the increasing expectations of non-governmental organizations and other stakeholders. Companies are eager to find a compliance solution that will take less time and fewer resources. The “bad news” is that, although IT and software solutions can be an invaluable tool and provide great value, companies cannot expect to comply with the SEC rule’s requirements solely by entering into a relationship with a strong software provider.
To be sure, software and IT solutions can provide invaluable assistance to companies as they implement and improve their conflict minerals programs. But, there are many important elements of conflict minerals compliance and reporting that are simply not addressed even by the best IT or software systems. You will want to make sure that your board and senior management understand that signing the contract with a software provider is the start (and not the end) of your compliance work. They may need to understand that your budget contemplates additional resources to complete your annual reasonable country of origin inquiry, due diligence, and reporting. And, it would be wise to continue to include room in your budget for auditors and legal advisors. (We won’t discuss the independent private sector audit (IPSA) here, but there has been no change since last year and no additional guidance on IPSAs from the SEC.)
IT and software can make supplier outreach and questionnaire efforts more efficient and can help to minimize supplier fatigue. They can also help with other crucial activities such as:
-
mining of product recipes, bills of material, and material data safety sheets
-
supplier engagement (training and education, automated follow up, determination of country of origin, identification of smelters/refiners)
-
noting gaps and red flags in supplier responses
-
development of audit trail
-
vetting, verifying, and listing of smelter/refiners and determining DRC conflict-free status based on recognized certification programs
But, there are other important elements of conflict minerals compliance and due diligence that are not addressed by IT or software solutions alone. These elements include:
-
development and implementation of policies
-
consideration of potential countries of origin, which has significant implications for reporting obligations
-
analyzing important details behind certain data summarized by the software provider
-
considering important stakeholder input (investors, customers, NGOs, activists)
-
identifying and addressing possible risks associated with disclosure
-
addressing the elements of the OECD Due Diligence Guidelines not covered by supplier engagement and smelter/refiner identification and vetting
-
protecting proprietary product information and know-how
-
monitoring changes in compliance requirements, guidance and industry norms
As the number of suppliers and scope of due diligence grow, more companies are turning to IT and software solutions to help them with large portions of their supplier outreach, smelter/refiner vetting, responses to customers, and creation of audit trail. But, there are many elements of conflict minerals compliance that cannot be effectively addressed by a software platform. It is important to remember that additional resources will continue to be needed to meet the conflict minerals compliance requirements arising out of the SEC rule (and the EU regulation when it is finally rolled out).