Category Archives: Compliance

Compliance – A Complex Problem with few Procurement-Centric Solutions

Why is compliance a complex problem with few Procurement-Centric Solutions? Because compliance goes well beyond the narrow view that many platforms take. At a high level, we have:

  • Regulatory Compliance
    which consists of government regulations at various levels that need to be adhered to and consists of requirements across organizational governance, workforce, materials, services, trade, and environmental considerations
  • Organizational Compliance
    which consists of adhering to the policies your organization puts in place for purchasing, inventory tracking, regulatory compliance, auditing, etc.
  • Industry Compliance
    which consists of adhering to industry standards and collective agreements
  • Governance
    which consists of ensuring that all governance requirements of the organization are met across the regulatory, organizational, and industry efforts

And when you look at the market, most of the solutions on the market are narrowly focussed on:

  • Environmental Compliance across environmental sustainability factors
  • Trade Compliance to insure that all trade regulations are adhered to (and appropriate paperwork filled out)
  • Tax Compliance to insure all appropriate taxes paid (or reclaimed)
  • Workforce Compliance to insure all workers are eligible, appropriately paid, and/or appropriately insured
  • Governance Compliance which makes sure appropriate internal processes are followed (and documentation maintained for audit trails)

… and, to slightly modify a common phase, never any two shall meet. And that’s why it’s a complex problem with few solutions in Supply Management. Will this change soon? We shall see …

Integration Point: A Global Content Provider

When we last covered Integration Point (in 2008 and 2010), we discussed their solutions for customs, security, and product classification; for free / secure trade zones and for regulatory compliance.

We talked about how their SaaS solutions helped companies with product classification under HS codes, advance notification (as required by 10+2), denied party screening (through integration with the US denied party lists), free trade / special economic zones (and identification of associated agreements), and the creation of necessary documents as well as the creation of surveys to determine if the supply base was compliant.

It was a good all-around solution, but it wasn’t a one-stop shop. While the import and export management solutions were extensive, the supply chain compliance solutions were limited; free trade was primarily ECCN, entry visibility, and country of origin; there was no automatic HS or country of origin classification; and content was primarily limited to HS/HTS codes, common import documentation, custom compliance documentation, and FTA summaries.

However, recognizing that their entire solution was dependent on good content, Integration Point, which now has twenty (20) offices across six (6) continents (and which promises an Antartica office as soon as the penguins start trading), started working on a Content Repository ten years ago and over the last decade has grown that content repository into a Global Content Repository with relevant trade data for over 185 countries. This include HS Codes, Tariff Schedules, Import/Export documentation requirements, rulings, free trade agreements, free trade and special economic zones, customs compliance programs, denied parties, sanctions and embargoes, and relevant trade acts, such as Lacey. The repository, which is maintained by a team of over 200 people globally, contains millions of base documents and millions of codings and mappings and is updated daily.

Daily updates is a critical part of a trade content repository. While some countries only update their tariff schedules a few times a year, others update their schedules monthly, and some update their schedules weekly (or more as Brazil once updated its schedules 80 times in one year). In addition, as trade relations improve or break down between countries, new trade restrictions / sanctions / embargoes are created almost overnight, denied parties get added to the list daily, and new regulations and rulings also come out on a daily basis. Correct classification, coding, and documentation is the difference between trouble-free trade and having your shipment held up for days, weeks, or months. And not shipping a restricted product to a denied party is the difference between smooth sailing and being federally investigated and fined millions of dollars. In both cases, your logistics and trade managers can only insure properly documented, legal, trade if they are on the ball with up-to-date data.

Since Integration Point has a global team, Integration Point, which sells access to its content repository as well as its trade management solutions on a subscription basis, is able to keep its repository current, which is no mean feat considering there have been over 2M updates to HS classifications alone on a global basis so far this year and over 1M updates to the import / export document database were required to capture regulation updates, trade agreement updates, form updates, and new rulings.

Integration Point now has one of the best and most complete Global Content Solutions out there and should be included in your list of content solution providers as you endeavour to get your compliance under control because Content is a Cornerstone of Compliance.

Plus, based on this content, Integration Point is now able to offer innovative solutions around country of origin determination, product classification, tariff analysis, and supply chain costing. We will cover these in future posts in early 2015.

Content is a Cornerstone of Compliance

In Friday’s post, we asked if you could solve the compliance challenge before it cost you tens or hundreds of millions of dollars. We noted that the biggest reasons for lack of compliance are lack of knowledge, policy, visibility, analysis, and procurement technology and the fixes are knowledge, policy, and appropriate technology.

One of those technologies is a Procurement Marketplace that can steer (or force) buyers to buy the right products from the right (and approved) suppliers. Another is supply chain visibility technology that lets a company monitor what is going on in the supply chain and evaluate a potential supply base before making a decision. A third is import/export/trade management software that helps the organization identify the regulations it must comply with, collect the necessary information, produce the required documents, make sure the documents get to the proper authorities complete and on-time, and track all of the associated certifications and insurance certificates that go with the products and the supply base.

A good trade solution will address, at a minimum, import/export requirements, ECCN (Export Control Classification Number), custom security programs, FTA/FTZ/SEZ (Free Trade Agreements/Free Trade Zones/Special Economic Zones), country of origin, HS (Harmonized System) codes / HTS (Harmonized Tariff Schedule) codes, DPS (denied party screening), and entry visibility. Essentially it will help a company determine all of the export requirements, all of the import requirements, produce the necessary documentation, and track its product from country of origin to the destination country.

In order for this solution to work, it needs a lot of content. Namely:

  • import/export regulations for all of the countries being sourced from, sourced through, and shipped to
  • US ECCN database
  • requirements for programs such as C-TPAT, PIP, and AEO
  • Free Trade Agreements between all of the relevant countries
  • database of all FTZs / SEZs in the relevant countries
  • HS schedules for all of the relevant countries and mappings
    and/or mappings to from country specific schedules
  • Denied parties lists for the relevant countries

That’s a tall order. But no longer an impossible one. Stay Tuned.

Can You Solve the Compliance Challenge?

Regulatory compliance is usually defined by an organization’s adherence to laws, regulations, guidelines and specifications relevant to its business.

There are two primary categories:

  • Internal compliance that focusses on the policies and procedures of the organization (which must be followed to insure SOX compliance) and is focussed on personnel and procurement
  • External compliance that focusses on the (government) legislation and agreements that govern the operation of the organization and falls into the categories of:
    • financial/operational
    • import/export
    • environmental
    • private data / worker’s rights
    • insurance / liability

Non-compliance can be a very costly situation for an organization to find itself in as it can cost an organization hundreds of millions of dollars in some cases. Consider the following costs of external non-compliance:


  • SOX violations can cost up to 5M per violation; even Deloitte, known for its audits, had to pay 2 Million for a SOX violation
  • Anti-bribery violations have no ceiling; Aon paying £ 5.25 M in 2009, Wills Limited paying £ 6.9 M in 2011, and Macmillan Publishers paying £ 11.26 M in 2011
  • FCPA violations don’t have a ceiling either; Weatherford International paid $152.6 M in 2013, Alcoa paid $384 M in 2014, and Siemens paid $800 M in 2008


Meggitt paid 25 M in 2013 to settle charges of AECA & ITAR violations, Standard Chartered Bank paid 132 M in 2012 to settle charges of OFAC sanction violations, and ING Bank N.V. recently paid 619 M to settle charges of several OFAC sanction violations


In 2012, Wal-Mart paid $8M to settle a workers’ compensation class action settlement, and in 2010 a jury awarded $82.5 in a workplace death lawsuit

Lack of compliance costs. Dearly. Why is there a lack of compliance in most organizations? Lack of knowledge, policy, visibility, analysis, and procurement technology. Knowledge can be addressed with training. Policy can be fixed with planning. But visibility, analysis, and procurement fixes require technology.

What kind of technology?

Supply Chain Visibility, Spend Analytics, and a Procurement Marketplace that captures, tracks, and maintains an audit trail of all of the relevant data to insure SOX and FCPA are not violated, import and export restrictions and requirements are adhered to, and that suppliers comply with insurance and regulatory compliance.

To find out how a Procurement Marketplace helps your organization solve the compliance challenge, reduce maverick spending, and enable organizational growth, download Sourcing Innovation’s latest white-paper on The
Procurement Marketplace and The Power of Compliance
(registration required), sponsored by Vinimaya.

It’s Illegal to Burn Money, But Yet Your Organization Does It Every Day! (So Find Out How to Do Something About It!)

Title 18, Section 33 of the United States Code says you shall not mutilate, cut, disfigure, perforate, unite or cement together, or do any other thing to any bank bill, draft, note, or other evidence of debt issued by any national banking association, Federal Reserve Bank, or Federal Reserve System, with intent to render such item(s) unfit to be reissued and if you do, you can be fined or imprisoned for up to 6 months. But yet, every day, organizations everywhere collectively flush billions of dollars down the drain, overpaying suppliers, including foreign suppliers, millions of dollars that can not be recovered and reissued by the organization for other business purposes.

If it wasn’t for the fact that the vast majority of these organizations don’t intend to overpay and waste money, since this money (and evidence of debt) flows through the American banking system, I would otherwise be inclined to argue that, technically, this gross incompetence in management of corporate funds is criminal.

For proof that the average organization wastes money, we simply have to look to the audit recovery industry which recovers, on average 1% to 1.5% of annual spend. And, typically, this is just what they can find with a quick, mostly manual, review of the top n suppliers that account for 2/3rds (66%) to 3/4ths (75%) of external organizational spend using a very loose interpretation of the 80/20 rule. And that’s just overspend. What about spend that should never of happened in the first place (because it was off-contract and 15% higher than contracted rates)? Or unrecoverable losses due to a key supplier not having mandatory insurance policies in place? Or gross violations of the T&E (Travel & Expense) policy (that border on criminal malfeasance) where the VP of Sales decides that a dinner costing 2K / head at the local strip club is a valid use of the organization’s P-Card?

But most of these situations are easily preventable by a Procurement system that is designed to not only enforce compliance, but make it easy. To find out how, check out Sourcing Innovation’s New White Paper on The Procurement Marketplace and the Power of Compliance (registration), sponsored by Vinimaya.