{"id":27749,"date":"2023-09-30T21:51:00","date_gmt":"2023-09-30T18:51:00","guid":{"rendered":"https:\/\/www.achilles.com\/?p=27749"},"modified":"2023-12-21T23:12:47","modified_gmt":"2023-12-21T20:12:47","slug":"when-is-enough-enough","status":"publish","type":"post","link":"https:\/\/www.achilles.com\/no\/bransjeinnsikt\/nar-er-nok-nok\/","title":{"rendered":"When is enough, enough?"},"content":{"rendered":"\n<p><strong>When working with clients to support their compliance with new supply chain legislation, we are frequently asked how far they need to go to satisfy the regulators. This is becoming increasingly common as the requirement for reporting is widening and companies find themselves swept up in a metaphorical regulatory net. <\/strong><\/p>\n\n\n\n<p>What do the people responsible for supply chain due diligence reporting want (and need) to know. Put simply, when is enough, enough?<\/p>\n\n\n\n<p>The honest reply to this question, which may not, at first, sound all that helpful, is there is no right answer. It genuinely depends on a wide range of factors. To understand what is enough for your organisation, we need to look at the actual legislation.<\/p>\n\n\n\n<p>Supply chain due diligence legislation such as the <a href=\"https:\/\/www.achilles.com\/no\/eu-cs-ddd\/\">EU CS DDD<\/a>, <a href=\"https:\/\/uat.achilles.com\/industry-insights\/the-ultimate-guide-to-lieferkettengesetz-everything-you-need-to-know\/\">Lieferkettengesetz<\/a>, BRSR Core, Australia&#8217;s Modern Slavery Act and similar legislation emerging across the world set out very clearly its expectations for compliance. First, legislation usually sets out the requirement for organisations to take a risk-based approach to due diligence within the supply chain. Secondly, it states that the effort undertaken to do that must be commensurate with the organisation\u2019s business and the complexity of the supply chain.<\/p>\n\n\n\n<p>In particular, the guidance usually refers to the \u201c<strong>adequacy of risk assessment\u201d&nbsp;<\/strong>saying risk assessment should not present an undue burden, however, organisations should ensure that the effort undertaken is appropriate to their business activities and the risks associated with those activities.<\/p>\n\n\n\n<p>Of course, when you think about it, this makes complete sense. ESG supply chain risk management can never be done in a one-size-fits-all kind of way. A privately-owned chain of sandwich shops employing 1000 people will have very different risks to a multinational manufacturing organisation sourcing raw materials from multiple continents and the legislation, quite rightly, recognises that. That\u2019s not to say that the sandwich shops will have&nbsp;<em>no&nbsp;<\/em>risk, but the basic risk profile will be much lower relatively and so, as you would expect, the expectations placed on it, in terms of supply chain risk assessment, are proportionately lower.<\/p>\n\n\n\n<p>So how do you identify what is appropriate for your business? To do this, the OECD Due Diligence Guidance for Responsible Business Conduct recommends carrying out a \u201cbroad scoping exercise\u201d to create a high-level picture of end-to-end supply chain risk. This broad, multi-disciplined approach is integral to successful supply chain due diligence and key for organisations that need to be able to demonstrate to the relevant regulatory authorities that they do understand their risks and that they have \u201cdone enough\u201d to mitigate them.<\/p>\n\n\n\n<p>But doing enough is becoming increasingly challenging. The structure and sheer scale of today\u2019s supply chains mean that ESG issues and their causes can be extremely hard to identify, understand and eradicate. Intensive and sustained effort is required to monitor and report at the required frequencies. The data needed to comply goes beyond regular operational boundaries and, often, without due care, data sources with questionable provenance, accuracy or interpretation can often become primary sources of information which undermine the basis for the risk assessment, management, and subsequent disclosures \u2013 presenting a substantial threat to a business\u2019s reputation and their regulatory compliance.<\/p>\n\n\n\n<p>For this reason, at Achilles, when we work with organisations to support their&nbsp;<a href=\"https:\/\/www.achilles.com\/esg-ratings\/\">ESG<\/a>&nbsp;and wider regulatory compliance, we never rely on data from just one source, and we don\u2019t rely on information that is solely gathered from web crawling. Instead, we always start by collecting and assessing data from a wide range of sources including (but not limited to) documentation from organisations in your supply chain, publicly accessible and historical information from the internet and investigation reports from NGOs and charities. Uniquely, we also bring in information captured from our extensive, global, in-person audit programme, and the voices of workers gathered over many years of interviews in similar industries and regions to paint a complete picture of your supply chain risk.<\/p>\n\n\n\n<p>It\u2019s that level of detailed analysis and insight that facilitates a comprehensive disclosure and gives you the confidence that you have \u201cdone enough\u201d. Only when an accurate picture has been created is it&nbsp;<em>really&nbsp;<\/em>possible to move on to the next step in your journey to \u201cdoing enough\u201d \u2013 incorporating quality management principles into a risk-based human rights due diligence approach. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>When working with clients to support their compliance with new supply chain legislation, we are frequently asked how far they need to go to satisfy the regulators. This is becoming increasingly common as the requirement for reporting is widening and companies find themselves swept up in a metaphorical regulatory net. What do the people responsible [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":17462,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","wds_primary_category":6801,"wds_primary_industry_tax":0,"wds_primary_topic_tax":0,"wds_primary_post_region_tax":0,"footnotes":""},"categories":[3961,12013],"tags":[],"industry_tax":[4293,4082,4087,4078,4089,4090,4084,4077,4079,4088,4081,4083,4086,4085,4018,4080],"topic_tax":[4020,4337,4019,4021],"post_region_tax":[],"class_list":["post-27749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artikkel","category-bransjeinnsikt-no","industry_tax-alle-no","industry_tax-automotive-no","industry_tax-bank-og-finans","industry_tax-bygg-og-anlegg-no","industry_tax-detaljhandel","industry_tax-energi-no","industry_tax-forbruksvarer-no","industry_tax-forsyningssektoren-no","industry_tax-gruvedrift-og-sement-no","industry_tax-helsevesen","industry_tax-industriell-produksjon","industry_tax-kjemikalier","industry_tax-legemidler","industry_tax-telekommunikasjon","industry_tax-services-no","industry_tax-transport-og-logistikk","topic_tax-anskaffelser-no","topic_tax-due-diligence-og-revisjon","topic_tax-etisk-no","topic_tax-leverandorkjeden-no"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/posts\/27749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/comments?post=27749"}],"version-history":[{"count":0,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/posts\/27749\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/media\/17462"}],"wp:attachment":[{"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/media?parent=27749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/categories?post=27749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/tags?post=27749"},{"taxonomy":"industry_tax","embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/industry_tax?post=27749"},{"taxonomy":"topic_tax","embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/topic_tax?post=27749"},{"taxonomy":"post_region_tax","embeddable":true,"href":"https:\/\/www.achilles.com\/no\/wp-json\/wp\/v2\/post_region_tax?post=27749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}