Avoiding The Pitfalls of Supplier Paid Compliance Programs – Must Read


In this post we dive deep into Supplier Paid Compliance Programs. If your company is or has considered implementing one, this is a must read.

The Precedence:

In the compliance world there have often been attempts to institute supplier-direct payment models. This means that vendors have modeled their business around selling a product or data exchange platform to a tier 1 customer (usually a Fortune 500 company), who in turn asks its suppliers to pay the service provider to exchange data. This is not a new concept. Vendors to large retailers (i.e. the Walmarts of the world) have a host of requirements placed on them, in many cases having to sign up with and pay an EDI (Electronic Data Interchange) vendor and meet other strict vendor guidelines. While this model may be effective for certain sectors (i.e. retail) where the status quo is to actively jump through hoops in order to achieve widely sought-after distribution, other sectors have much more sensitive relationships with their supply chains, and there can be huge pitfalls with using the supplier-direct payment model.

The history:

Let’s first examine the early attempts at the supplier-direct payment model in the compliance industry. BOMcheck was first developed as an initiative between Siemens Health Care, Philips and several other companies to spread compliance requirements across the entire supply chain. While conceptually the idea was good (a centralized database with a small cost shared amongst thousands of supplier companies to upload their data), the experiment saw Siemens pulling out and developing their own program, which was only marginally effective and left large gaps in users’ compliance programs, namely from missing data and difficulty drawing reports on who the missing suppliers were. As a system this program also left much to be desired in terms of features, reporting capabilities, system integration capabilities and general functionality. In other words, it was not a robust enough compliance software system. This system also met scalability challenges. As new regulations were released, were already-paid subscribers expected to pay extra? Expanding the system beyond its initial architecture was challenging, and sources confirm this model does not lend itself to shipping new features. With lead champions of this program moving towards more robust systems, it was clear this model, while hypothetically a good idea, did not yield the results it set out to achieve.

The Present:

With the passing of the Dodd-Frank Act and its Conflict Mineral provision, various firms thought they could adapt the supplier-direct model for conflict mineral compliance. From a platform vendor perspective this model is conceptually very lucrative:

  1. Get a Fortune 500 firm with a large supply chain.
  2. Convince them they will not have to pay and will get their compliance program for free.
  3. Have the client mandate that their supply chain pay the provider to use the data exchange.
  4. For the vendor, thousands of suppliers at $x per supplier becomes very lucrative.

Around 2010, two new compliance vendors entered the market with this model. Ipoint and Source Intelligence were centered around the concept of supplier-direct payment. However, as history has proven, this model is riddled with several very large pitfalls, especially for the requirements of Dodd-Frank Conflict Minerals compliance.

The Implications:

– Conflict of Interest: When you ask your suppliers to pay a third party, they then become the customer of that third party. This puts the vendor in a conflict of interest. While they are supposed to be your representative, responsible for data, supplier accountability and in some cases quality, they must also keep their customers happy. This often means taking their data carte blanche and rarely going through proper due diligence processes. Keep in mind that whenever you make your suppliers pay for a service, the service provider’s loyalty to your firm is now in conflict with its loyalty to its new clients (your suppliers).

– Supplier Buy-In: Mandating that your supply chain pay for a third-party service provider in most cases does not get a high percentage of buy-in, especially from suppliers with whom you do not move large volumes of product. Key accounts will in almost all cases comply with the request, but as the distribution of supply chain vendors by dollar volume is typically a long tail, having these gaps in your compliance program can cause large issues for data integrity.

– Being Draconian: With companies like BOMcheck, Ipoint and Source Intelligence all operating on supplier-paid models, in many cases suppliers can be asked to subscribe to 3+ vendors. This is neither realistic nor fair to your valued suppliers. Companies often take a lot of pride in their compliance programs and often have deep relationships with their test labs and software platforms. In many cases these suppliers will be very resistant, and could outright refuse to use the third-party vendor. This is not a best practise in supply chain management.

– Supplier Paid Models Don’t Scale: Over the last decade there has been an exponential rise in governance and compliance related regulations. Taken from PTC, the graph below demonstrates the responsibilities that have been placed on compliance departments. Buying solutions for individual regulations does not scale. These vendors also have trouble adding functionality to the supplier-side system, as to do so at the same price point would be doing so for free. This is in conflict with their business model.

Increase In Compliance Regulations


As an example, imagine firm X makes suppliers pay $500/yr to access their data transmission portal for regulation A. As regulations B, C, D and E are introduced, they have only 2 options: fund the development from the customer instituting the mandate on their suppliers (you), or make the suppliers pay more. Suppliers cannot and will not pay large sums to fund a software platform that is of no benefit to them.

– Supplier Paid Models Don’t Allow For Customizations:

Are you buying a platform or a single regulation solution? A platform can be both; a single source solution can only be one.


Each company must examine its own unique requirements and decide whether it is instituting a band-aid type solution or investing in a long-term, sustainable and scalable compliance program. As more and more regulations are passed and enforcement becomes more rigorous, companies must choose their vendor and model carefully.
