Sodexo Norway is a responsible business and an S-HUB Corporate Member which has taken practical steps to internalize its transparency obligations.
Having finalized internal due diligence documents and processes one of our key focus areas has been to perform new risk assessments on all our suppliers. The aim here is to ensure that we have taken human rights into the calculation on a higher level than earlier, before rating them and placing them in the right risk category.
At Sodexo, we aspire to use local (Norwegian) suppliers and products, to the extent where this is possible. So far, we have no findings requiring any of our suppliers ending on a level of high or critical risk, but we have a handful of suppliers that have scored close to a high risk, due to high spend per year, and the fact that some suppliers have subcontractors with production in countries where human rights are not always being upheld. We have therefore decided to put our focus on these suppliers - together with those suppliers that are closest to our core business, delivering services on behalf of Sodexo at our clients’ premises..
We have chosen 4 different ways of initiating due diligence in Sodexo:
1. Audits/Reviews
2. Spot checks
3. Follow-up meetings
4. Observations in operations
At Sodexo, we aspire to use local (Norwegian) suppliers and products, to the extent where this is possible. So far, we have no findings requiring any of our suppliers ending on a level of high or critical risk, but we have a handful of suppliers that have scored close to a high risk, due to high spend per year, and the fact that some suppliers have subcontractors with production in countries where human rights are not always being upheld. We have therefore decided to put our focus on these suppliers - together with those suppliers that are closest to our core business, delivering services on behalf of Sodexo at our clients’ premises..
We have chosen 4 different ways of initiating due diligence in Sodexo:
1. Audits/Reviews
2. Spot checks
3. Follow-up meetings
4. Observations in operations
(Source:Innkjøp - P 13.1 - Prosedyre for gjennomføring av aktsomhetsvurderinger - informasjons- og påseplikt i Sodexo.)
Testing the procedures, routines and documentation:
After e-mailing back and hosting clarification phone calls with a few of our prioritized suppliers, it became apparent to us that some of our suppliers were simply not really prepared for the Transparency Act. We decided to create a template with a clear explanation of why we were asking for information, referring to the new law, in addition to clear specifications on what information we wanted.
Further discussions were held on the following topics:
1. How should we share information digitally and in line with data privacy (GDPR)?
Our recommendations for email responses were as follows:
It is mainly Supply Management who will perform the due diligence, but the Country management team, including HR and QSHE will have access to all documentation.
3. How long should the information be available – and should it be deleted? When should due diligence be carried out and a conclusion made?
We will keep all documentation until due diligence is closed and a conclusion is made. The documentation will then be deleted, and the supplier will be notified. While carrying out due diligence, documentation will be available on a dedicated sharepoint, only accessible for the group mentioned in point 2.
The documents from Arbeidstilsynet have been very helpful in our testing of the procedures, and after modifying them to fit our needs in Sodexo, they have been implemented and are now being used as checklists when carrying out due diligence assessments.
Another question came up after having tested the processes and procedures: Should it be standard to write a short conclusion that could also be shared with the supplier that is being investigated, even if there are no deviations found during due diligence? We will apply this in our procedures, and it will also be a good exercise for the upcoming report that needs to be completed and published within June 30th, every year.
The discussion right now, and I guess most companies experience the same, is focusing on how far we need to go in carrying out due diligence.
As an example, we can mention our wholesaler on food products. This supplier has more than 200 subcontractors, who also have subcontractors and manufacturers. is also subject tor the Transparency Act, and we know most of the subcontractors and manufacturers are as well. Will this be enough to investigate on tier 1 and 2, and then trust the documentation and information explaining that the next levels are being handled on the supplier and subcontractor level? There is no decision on this just yet.
At this point we have performed 4 spot checks and are in process with 3 of our biggest suppliers. So far, the conclusion is that our suppliers operate their business in fair manner and complies with laws and regulations that apply in Norway. Hopefully this is evidence of Sodexo having a strong pre-qualification process in place already, and that the trend will continue with an even stronger focus on human rights in the future.
After e-mailing back and hosting clarification phone calls with a few of our prioritized suppliers, it became apparent to us that some of our suppliers were simply not really prepared for the Transparency Act. We decided to create a template with a clear explanation of why we were asking for information, referring to the new law, in addition to clear specifications on what information we wanted.
Further discussions were held on the following topics:
1. How should we share information digitally and in line with data privacy (GDPR)?
Our recommendations for email responses were as follows:
- Include the personal informat1. ion in a document to be attached to the email and save it as “Read Only”.
- Use encryption or electronic document password protection.
- Inform the recipient of the password by telephone or, once receipt of the document is confirmed, in a separate email.
- Clearly mark the subject ‘Private and Confidential’.
- Save an audit trail of your email communications.
It is mainly Supply Management who will perform the due diligence, but the Country management team, including HR and QSHE will have access to all documentation.
3. How long should the information be available – and should it be deleted? When should due diligence be carried out and a conclusion made?
We will keep all documentation until due diligence is closed and a conclusion is made. The documentation will then be deleted, and the supplier will be notified. While carrying out due diligence, documentation will be available on a dedicated sharepoint, only accessible for the group mentioned in point 2.
The documents from Arbeidstilsynet have been very helpful in our testing of the procedures, and after modifying them to fit our needs in Sodexo, they have been implemented and are now being used as checklists when carrying out due diligence assessments.
Another question came up after having tested the processes and procedures: Should it be standard to write a short conclusion that could also be shared with the supplier that is being investigated, even if there are no deviations found during due diligence? We will apply this in our procedures, and it will also be a good exercise for the upcoming report that needs to be completed and published within June 30th, every year.
The discussion right now, and I guess most companies experience the same, is focusing on how far we need to go in carrying out due diligence.
As an example, we can mention our wholesaler on food products. This supplier has more than 200 subcontractors, who also have subcontractors and manufacturers. is also subject tor the Transparency Act, and we know most of the subcontractors and manufacturers are as well. Will this be enough to investigate on tier 1 and 2, and then trust the documentation and information explaining that the next levels are being handled on the supplier and subcontractor level? There is no decision on this just yet.
At this point we have performed 4 spot checks and are in process with 3 of our biggest suppliers. So far, the conclusion is that our suppliers operate their business in fair manner and complies with laws and regulations that apply in Norway. Hopefully this is evidence of Sodexo having a strong pre-qualification process in place already, and that the trend will continue with an even stronger focus on human rights in the future.
About the author:
Randi Daltvei - Head of Supply Management Sodexo AS. Randi is an experienced professional with strong competence in sourcing, category management and supply chain, both in private and public sectors. She has particular expertise developing, implementing and managing both large and small projects, always with sustainable solutions in mind. Sodexo AS is a corporate member of Sustainability Hub Norway and Randi is an active supporter of the work of the S-CPO network. She recently joined as a board member of the S-CPO Network Strategic Board, helping to inform the strategic direction of the network and the key issue areas and themes that should be covered in network activities.
|