Supply Chain Management and ESG: Protect Your Business & Generate Value
With regulatory scrutiny on supply chain management increasing around the world, we explore why visibility is crucial and best practices to mitigate potential ESG disasters.
Sarah Nappi, Associate

Introduction
Managing a business is hard; managing your supply chain is harder.
Companies have always faced the challenge of maintaining oversight of their suppliers while striving to maximize operational efficiency and reduce costs. This oversight is not just about optimizing operations—it is crucial for managing and preventing environmental and social disasters that can arise from a lack of visibility into upstream activities.
Extensive research has documented how “irresponsible supplier behaviour may undermine a [corporate’s] reputation, global brand equity, and future market prospects and business opportunities.” Like a host of other Environmental, Social, and Governance (ESG) issues, managing environmental, social, and governance risks in your supply chain is not just about moral responsibility – it’s about your bottom line.
Scandals like reports of child labour in Shein’s supply chain (2023) or forced labour used by one of Apple’s key suppliers, Foxconn (2016), have increased scrutiny over supply chain management from a whole range of stakeholders, including investors, employees, activists, politicians, the media, consumers, and the general public.
Today, we’ll explore the importance of visibility and management of your supply chain, and best practices for getting ahead of potential disaster.
Why Care
The Reputational Risk
The consequences for corporates with limited visibility over their value chain are immense, and they have been glaringly obvious for decades.
Nike learned this the hard way: Life magazine published a report in 1996 that exposed deplorable working conditions for young children in Pakistani factories. It came at the same time as numerous other complaints and reports of abuses in the supply chain became public, from Vietnam to Indonesia.
After two decades of leveraging sports’ biggest stars through successful and innovative advertising campaigns, Nike’s image became closely associated with human rights abuses. This was a major problem for Nike, given they were selling a brand as much as sportswear.
Phil Knight, former CEO of Nike, claimed the reputational damage had no impact on Nike’s financial performance; yet, in 1998 as public pressure mounted, “Nike revenues and stock prices decreased by approximately 50 percent, and the company laid off 1,600 workers”.
Reputational risks associated with supply chain management are not reserved for large, multi-national enterprises (MNEs) like Nike. Small and medium enterprises (SMEs) can also be impacted, and they often have tighter budgets and fewer resources to manage risk. This means a single disruption can have a significant impact on SME operations.
Furthermore, while SMEs often have a smaller supply chain, they are contending with ever more complex global supply chains that MNEs have more resources to oversee, and more influence to manage.
Ultimately, a range of stakeholders are noticing that SMEs need to have sufficient oversight and management of their supply chain. At NorthPeak, we have seen an uptick in requests from our asset manager clients who want to understand what gaps their portfolio companies might have for supply chain management. In turn, our asset manager clients are facing more stringent questions around human rights and environmental risks from investors.
Regardless of where you sit in this chain of activities, there is significant danger of having human rights and environmental abuses hidden in your value chain. It takes years to build a reputation, but only moments to destroy it.
And while Nike might have significant resources to recover from a fall from grace over the course of several years, many other companies do not.
The Regulatory Requirements
Reputational risk has driven many companies to address environmental and social issues in their supply chains for decades now; however, this threat was not enough for other companies.
Instead, they gambled on the likelihood that there were either no significant problems in their value chain or—more commonly—that the public would never hear about these issues.
A McKinsey survey reported that in 2024, only 30% of companies have transparency in their supply chain beyond tier one (i.e., direct suppliers). This is a 7 percent decrease since 2023 and a 26 percent decrease since 2022.
This gamble is increasingly not viable, even if achieving comprehensive visibility over the supply chain remains a challenge for corporates. The regulatory landscape has shifted dramatically in recent years, with the European Union at the forefront.
Companies now face not only reputational risks, but also significant legal risks tied to their supply chain practices.
Governments and regulatory bodies are introducing legislation to hold companies accountable for environmental and social risks within their supply chains. Businesses are increasingly expected to meet two key expectations:
- Visibility: This involves gaining an understanding of where environmental, social, and governance risks lie within value chains.
- Risk Management: This requires companies to demonstrate measures to prevent potential risks and mitigate negative environmental and social impacts.
Regulatory Examples

Europe
- The EU Corporate Sustainability Due Diligence Directive (CSDDD) is one of the most comprehensive regulations related to supply chains today. This Directive requires companies to identify and address adverse impacts on human rights and the environment within their value chains. The requirements for in-scope corporates, which include both EU- and non-EU headquartered companies, will have reverberations down the value chain and around the world.
- The EU is not only targeting social risks in the supply chain. The EU Deforestation Regulation (EUDR) requires operators or traders bringing specific commodities into the EU market to provide evidence that “products do not originate from recently deforested land or have contributed to forest degradation.”
- Several European countries have additional requirements of their own, related to corporate governance and supply chain management, for example Germany and Norway.
Australia
- Australia has legislation related to managing modern slavery risks (Modern Slavery Act of 2018). This requires similar visibility and transparency of the value chain but focusses specifically on modern slavery risks in a corporate’s operations & supply chains.
United Kingdom
- The UK also has legislation to specifically prevent modern slavery in corporate operations and value chains (Modern Slavery Act of 2015). Several other pieces of legislation target other topics requiring due diligence and risk management for supply chains, for example the Environment Act of 2021.
United States
- The US does not have comprehensive federal legislation related to supply chain transparency and management, although there are several tariffs, acts, and agreements that require businesses to maintain good practices. For example, the United States-Mexico-Canada Agreement has enforceable labour standards, including for forced labour and child labour, and the Uyghur Forced Labor Prevention Act specifically prohibits goods from being imported from the autonomous Chinese region.
- California has the most expansive requirements in the US as it relates to supply chain management. The California Transparency in Supply Chains Act (CTSCA) increases corporate transparency, with the specific aim of informing consumers about human trafficking and forced labour in supply chains.
As the regulatory landscape shifts, companies that fail to act risk significant legal penalties and financial losses, which in turn threatens companies’ ability to raise capital.
What to Do: Best Practices
Addressing ESG issues in the supply chain may seem daunting, but it is possible to make meaningful progress, simultaneously protecting your company’s reputation and complying with regulatory requirements.
Based on our experience supporting clients with supply chain management, NorthPeak Advisory advocates for a methodology that acknowledges the complexities of supply chains while prioritizing practical and efficient solutions.
Here are some best practices we have learned and perfected for our clients:
- Mapping of Operations & Value Chain – Companies cannot manage risks they do not know about or understand. A mapping of internal operations and the value chain is essential to efficiently identifying areas of potential high risk. Practicality is key: Focus on areas in your operations & value chain with the highest likelihood and most severe ESG issues, rather than attempting an exhaustive assessment of every component.
- Risk Assessment – Companies should leverage their operational and value chain map to conduct a risk assessment. Companies should develop a defensible methodology for prioritizing risks requiring immediate attention. This should include: assessing the likelihood of potential impacts; assessing the severity of actual impacts (this is defined by scale, scope, and irremediable character according to the EU’s CSDDD, but can include other elements tailored to your operations and supply chain); and assessing the level of involvement in an actual impact, ranging from causing to contributing to being linked to the impact.
- Due Diligence – Companies must implement due diligence processes both to identify potential additional risks not captured by the risk assessment and to ensure that identified risks are actively managed. Due Diligence encompasses several policies and processes to effectively engage with and monitor suppliers. For example:
  (1) Due Diligence Policy – this needs to outline internal expectations for supplier conduct, describe how ESG considerations are integrated into procurement practices, and summarise monitoring mechanisms. It will be your roadmap for comprehensive supply chain management.
  (2) Supplier-facing Code of Conduct – this will be a document outlining the standards your suppliers must adhere to, ensuring alignment with company values and compliance requirements. It’s a critical part of the foundation for fostering responsible partnerships and should communicate to suppliers what to expect if they do not adhere to your company standards.
  (3) Supplier Onboarding and Management System – this is a structured process for efficiently onboarding and managing suppliers, enabling streamlined communication, performance tracking, and compliance monitoring throughout the supplier lifecycle. It will often require a tech solution / platform.
  (4) Supplier Audits and Self-Assessments – this should be a combination of company-led audits and supplier-completed assessments designed to actually evaluate adherence to your established standards, ensuring you can identify and manage risks in a timely manner.
By adopting these practices, companies can better navigate the evolving ESG landscape, manage risks effectively, and enhance their resilience against reputational and legal challenges.
The stakes are high, but transparency and accountability in supply chains are no longer optional: they are a regulatory requirement and public expectation.
Reach out to NorthPeak’s expert supply chain team at corporate@northpeakadvisory.com with any queries on supply chain management and CSDDD alignment.
Important Notice
The document is being supplied by NorthPeak Advisory in good faith detailing an opinion, information or service offered by NorthPeak Advisory. This opinion, information or service is offered based on our understanding of relevant current regulation and market practices which we believe, but do not guarantee to be accurate or complete; however, we are not responsible for errors or omissions that may occur. The services offered may change through time as managed by NorthPeak Advisory.
