Why do leading enterprises operationalise supplier conduct now?
Executives face a simple reality: customers judge brands by the behaviour of their suppliers. A Supplier Code of Conduct sets explicit expectations for labour, environmental, and ethical practices, and audits verify that suppliers meet those expectations in practice. A clear Code plus a disciplined audit program reduces compliance risk, stabilises quality, and protects brand equity across complex global networks. The approach aligns with recognised frameworks including the UN Guiding Principles on Business and Human Rights, the OECD Due Diligence Guidance, and ISO 20400 on sustainable procurement.¹²³ It also positions organisations to comply with emerging due diligence laws such as Australia’s Modern Slavery Act and the EU Corporate Sustainability Due Diligence Directive.⁴⁵
What is a Supplier Code of Conduct, in plain terms?
A Supplier Code of Conduct is a formal policy that defines minimum standards suppliers must uphold to continue doing business with you. It typically covers human rights, health and safety, fair pay, working hours, freedom of association, environmental management, anti-corruption, and data protection. This unit acts as a contract addendum, a training anchor, and a measurement baseline for audits. The strongest Codes translate high-level principles into auditable requirements tied to international norms such as ILO conventions on child labour and forced labour.⁶ A modern Code specifies remediation expectations and timelines, links to grievance channels, and names the audit protocol you will use to verify performance, such as SMETA.⁷
How do regulations and standards shape what “good” looks like?
Regulations and standards establish the floor and guide implementation at scale. The UN Guiding Principles define the corporate responsibility to respect human rights and to enable remedy.¹ The OECD Due Diligence Guidance outlines a practical six-step due diligence cycle for identifying, preventing, and mitigating adverse impacts across the value chain.² ISO 20400 provides process guidance to embed sustainability into procurement strategy and supplier management.³ Australia’s Modern Slavery Act requires large entities to report on risks, actions, and effectiveness, reinforcing human rights due diligence in supply chains.⁴⁸ The EU’s Corporate Sustainability Due Diligence Directive establishes binding due diligence duties for large companies operating in the EU, with staged thresholds and enforcement set out in the final 2024 text.⁵
How should you design the Code for clarity and auditability?
Leaders write with precision. Start by mapping Code topics to authoritative references. Each clause should cite the source standard so auditors and suppliers see the lineage. Define “must,” “should,” and “may” to avoid ambiguity. Provide evidence expectations for each requirement: time-stamped payroll records, worker interviews, chemical inventories, grievance logs, and CAPA registers. Align environmental and social disclosures with GRI 414 (Supplier Social Assessment) so your reporting mirrors the data you collect during audits.⁹ Embed escalation logic: non-conformity categories, corrective action deadlines, and consequences for repeated failure. Referencing a recognised audit protocol such as SMETA improves comparability and reduces supplier audit fatigue.⁷
What audit mechanisms work in practice?
Effective programs use a layered approach. First, conduct desktop risk screens using country, sector, and product risk indices to prioritise sites. Second, deploy self-assessments for low-risk suppliers and verified third-party audits for medium and high-risk sites. Third, run unannounced or semi-announced audits in high-risk contexts to validate reality. SMETA’s methodology combines document review, management and worker interviews, site tours, and environmental checks, and maps findings to a corrective action plan.⁷ For environmental and procurement integration, pair social audits with ISO 20400 process reviews to confirm sustainability is embedded in sourcing decisions and supplier performance management.³
How do you integrate due diligence into procurement workflows?
Procurement must carry the baton, not just compliance. Integrate Code acceptance into onboarding and contract award. Use weighted evaluation criteria that include human rights, safety, and environmental performance alongside price and quality. Require high-risk suppliers to submit evidence or certifications before purchase orders are released. Build milestone-based CAPA verification into payment terms for corrective actions. Map the OECD six-step cycle to your supplier lifecycle: policy, risk assessment, actions, tracking, communication, and remediation.² Align reporting with the Modern Slavery Act’s minimum content to streamline annual statements and reduce duplication.⁴
Which metrics prove the program is working?
Executives need a tight set of measures that tell the story. Track coverage (% spend under Code), depth (% high-risk sites audited), quality (major findings per 1,000 workers), timeliness (% CAPAs closed on time), and impact (reduction in repeat non-conformities year over year). Tie leading indicators to process health: time to supplier onboarding with Code acceptance, training completion for procurement, and grievance mechanism utilisation rates. For public transparency, disclose supplier social assessment results using the structure from GRI 414 and link actions to human rights salience assessments from the UNGP lens.¹⁹
What risks should leaders anticipate and mitigate?
Program design should plan for structural challenges. Suppliers may fear retaliation and coach workers, so your audit model must include confidential interviews and triangulation. High-risk sectors can present complex subcontracting chains; you should extend Code obligations to sub-suppliers and brokers. New legal regimes are evolving; the EU directive’s obligations will tighten expectations for identification, prevention, and remediation across upstream and downstream relationships, and enforcement will involve administrative penalties and civil liability in member states.⁵ Market scrutiny is rising; annual statements under Australia’s act are public and benchmarked, which creates reputational risk if disclosures are weak.⁴
How do you handle non-conformities without breaking relationships?
Great programs treat audits as improvement levers. Set clear severity tiers. For critical violations such as forced labour indicators, child labour, or immediate life safety, require immediate protective action and escalate to senior leadership. Reference ILO conventions to anchor definitions and remediation protocols for child labour cases.⁶ For systemic issues such as excessive overtime or wage errors, build a time-bound corrective action plan with root cause analysis. Require suppliers to show proof of remedy, such as revised timekeeping systems or worker back pay. Use shared value framing: remediation strengthens resilience, supports compliance with UNGP due diligence, and protects access to regulated markets shaped by the EU and Australian regimes.¹⁴⁵
How should you communicate progress to stakeholders?
Stakeholders expect crisp, credible reporting. Publish Code content and audit approach on your website, provide aggregate metrics, and disclose key risks and actions using GRI 414.⁹ Link your due diligence narrative to the OECD cycle and UNGPs so external reviewers can map your claims to global norms.¹² In Australia, ensure your Modern Slavery Statement addresses mandatory criteria and is submitted to the government register.⁴⁸ For entities operating in the EU, align disclosures to the directive’s scoping and phasing to pre-empt supervisory queries and investor due diligence.⁵
What are the first steps to launch or upgrade your program?
Start with three moves. First, review and align your Supplier Code of Conduct to UNGPs, OECD Guidance, ISO 20400, ILO conventions, and GRI 414.¹²³⁶⁹ Second, design a risk-based audit calendar and select a standard protocol such as SMETA to improve comparability and supplier experience.⁷ Third, integrate due diligence gates into procurement and contracts, and set KPI targets for coverage, depth, and CAPA performance. This structure creates a coherent system that reduces human rights risk, improves environmental performance, and supports compliance across jurisdictions where you operate.¹²³⁴⁵
FAQ
What is a Supplier Code of Conduct and why does it matter for Customer Science clients?
A Supplier Code of Conduct sets minimum ethical, social, and environmental standards for suppliers and enables audits against those standards. It aligns with UN Guiding Principles, OECD Due Diligence Guidance, and ISO 20400 to reduce risk and protect customer trust.¹²³
How do audits like SMETA verify supplier compliance?
SMETA audits assess documents, interview workers and management, inspect facilities, and produce corrective action plans. The protocol is widely used, which supports comparability across suppliers and sectors.⁷
Which regulations should Australian enterprises prioritise?
Australian organisations should align with the Commonwealth Modern Slavery Act’s reporting requirements and integrate human rights due diligence. Entities operating in the EU should prepare for Corporate Sustainability Due Diligence Directive obligations.⁴⁵
What frameworks guide sustainable procurement decisions?
ISO 20400 provides procurement process guidance for embedding sustainability into sourcing, supplier evaluation, and contract management.³
Which reporting standards help with supplier assessments?
GRI 414 (Supplier Social Assessment) provides a structure for disclosing screening, assessment, and impact of supplier social performance.⁹
Why reference ILO conventions in Codes and audits?
ILO conventions on minimum age and worst forms of child labour provide authoritative definitions that inform Code clauses and remediation for non-conformities.⁶
Which due diligence model should we adopt enterprise-wide?
Adopt the OECD six-step due diligence cycle and map it to supplier lifecycle management, from policy through remediation and reporting.²
Sources
Guiding Principles on Business and Human Rights, Office of the High Commissioner for Human Rights, 2011, United Nations. https://www.ohchr.org/Documents/Publications/GuidingPrinciplesBusinessHR_EN.pdf
OECD Due Diligence Guidance for Responsible Business Conduct, OECD, 2018. https://www.oecd.org/en/publications/oecd-due-diligence-guidance-for-responsible-business-conduct_15f5f4b3-en.html
ISO 20400: Sustainable procurement – What, Why and How, ISO/ISO20400.org, 2018. https://www.iso20400.org/wp-content/uploads/2019/03/ISO20400_Sustainable%20procurement_final%20-%20CDP%20and%20Bureau%20Veritas.pdf
For business: Guidance and resources, Modern Slavery in Australia, Australian Government, 2021–2023. https://www.modernslavery.gov.au/guidance-training-resources/business
Directive (EU) 2024/1760 on Corporate Sustainability Due Diligence, Official Journal of the European Union, 2024 (consolidated 2025). https://eur-lex.europa.eu/eli/dir/2024/1760/oj/eng
ILO Conventions on Child Labour (C138 & C182), International Labour Organization. https://www.ilo.org/international-programme-elimination-child-labour-ipec/what-child-labour/ilo-conventions-child-labour
Sedex Members Ethical Trade Audit (SMETA) Auditor Manual v7.0, Sedex, June 2024. https://www.vwa.co.uk/ethical-audits/ethical-policies/smeta-resources/Sedex-Auditor-Manual-SMETA-7.0-June-2024.pdf
Commonwealth Modern Slavery Act 2018: Guidance for Reporting Entities, Australian Government, updated 2022. https://modernslaveryregister.gov.au/resources/Commonwealth_Modern_Slavery_Act_Guidance_for_Reporting_Entities.pdf
GRI 414: Supplier Social Assessment (2016), Global Reporting Initiative. https://www.globalreporting.org/pdf.ashx?id=12677