KYS stands for "Know Your Supplier". It is a crucial process for companies to assess and manage the risks associated with their suppliers. It involves collecting, analyzing and verifying information on these companies to ensure their legal, ethical and operational compliance.
What is KYS?
KYS is a due diligence practice. It enables companies to better understand their suppliers, their business practices and the potential risks associated with their activities. By developing an in-depth knowledge of the environment, companies can strengthen their resilience and control of business risks. In this way, they can enhance their operational performance.
KYS is not only of general interest, it is in fact a legal obligation for companies. To combat corruption and money laundering, institutions have set up regulatory KYC, KYE and KYS standards. These checks are backed up by early-warning systems, regular audits and a sanctions commission in the event of non-compliance.
Importance of KYS for companies
KYS is of crucial importance to companies. Especially as supply chains become increasingly complex and globalized. Here are just a few reasons why KYS is essential:
Risk management :
By identifying and assessing the risks associated with their suppliers, companies can anticipate and mitigate potential threats. These include fraud, corruption, human rights violations, non-compliance with occupational health and safety standards, and environmental damage.
Regulatory compliance :
Companies are subject to strict compliance regulations. This is particularly true in areas such as anti-corruption, human rights and environmental protection. KYS enables companies to meet their legal obligations, but not only that. It also enables them to avoid financial (and sometimes criminal) sanctions, and thus reduce the risk of reputational damage.
Reputation protection :
Companies need to protect their reputation and brand. By ensuring that their suppliers meet high ethical and social standards, they can avoid scandals. Such scandals could damage their image and credibility with customers, investors and the general public.
Improving relations with stakeholders:
By adopting responsible sourcing practices, companies can strengthen their relationships with their stakeholders. This includes customers, investors, regulators and local communities.
In short, KYS is much more than just an administrative formality for companies. It is an essential part of their risk management strategy, their commitment to corporate social responsibility (CSR ) and their environmental values.
KYS regulatory framework
International regulatory framework
KYS is governed by various international regulations and standards designed to promote transparency, accountability and compliance in commercial relations. These regulations include:
- ISO standards (International Organization for Standardization). Such as ISO 37001 on anti-corruption management systems. They provide guidelines for establishing and maintaining effective anti-corruption practices.
- International conventions: Notably the United Nations Convention against Corruption (UNCAC). These establish global standards for the prevention, repression and international cooperation of corruption.
- Industry initiatives: for example, the Global Reporting Initiative (GRI) and the Sustainable Apparel Coalition (SAC). They encourage companies to report transparently on their supplier management practices and sustainability performance.
Specific requirements in certain jurisdictions
In addition to international regulations, many national jurisdictions have introduced their own laws and regulations relating to KYS. Notable examples include:
- France's Sapin II law, which requires French companies to set up compliance programs. These help to prevent and detect corruption risks, including in their relations with suppliers.
- France's "duty of vigilance" law is no exception. It requires large companies to draw up and implement a due diligence plan. The aim is to prevent human rights and environmental abuses in their supply chains.
Sapin II: fighting corruption
The Sapin II law was adopted in France in November 2016. It aims to strengthen the fight against corruption and influence peddling. It concerns French companies, as well as the French subsidiaries of foreign groups. These entities must implement measures to prevent and detect corruption, particularly in their relations with suppliers.
The Sapin II law on KYS brings together a large number of provisions. These include the obligation for companies to set up compliance programs. These include supplier and third-party verification procedures, as well as mechanisms for reporting suspicious practices.
The Duty of Vigilance Act was passed in France in March 2017. It aims to strengthen the social and environmental responsibility of companies. This includes their global supply chains. It requires large French companies with more than 5,000 employees (or more than 10,000 employees for international groups) to draw up and implement a vigilance plan. The latter aims to prevent human rights, social and environmental abuses in their activities and those of their suppliers.
The vigilance plan must include due diligence measures vis-à-vis suppliers, particularly with regard to the identification and assessment of risks of human rights and environmental violations, as well as monitoring and regular reporting mechanisms on the implementation of the plan.
Steps in the KYS process for suppliers
Supplier identification
The first step in the KYS process is to identify potential suppliers. This can be done through market research. But also through recommendations from other companies or partners. Another method is to use online platforms specialized in bringing buyers and suppliers together.
Information gathering
The next step is to collect detailed information about them. This may include information such as their company name, address, tax identification number, certifications and licenses. But also information on their corporate governance, ownership structure and business practices.
Information can be gathered from a variety of sources. For example: commercial databases, public registers, annual reports and information provided directly by suppliers.
It is also possible to call on companies specializing in the verification of corporate documents, such as Datakeen.
Risk assessment
Once the information has been collected, it is important toassess the risks associated with each supplier. This may include identifying risks of corruption, fraud, non-compliance with social and environmental standards. As well as other potential reputational and compliance risks.
Risk assessment can be carried out using a variety of tools and methods. For example, due diligence questionnaires, financial analyses, background checks and assessments of business practices.
Datakeen can help you assess your suppliers' risks.
Monitoring and ongoing management
Finally, it is essential to put in place an ongoing monitoring and management system to ensure their continued compliance. This happens once suppliers have been identified, information collected and risks assessed.
This may include regular monitoring of suppliers and updating of information. But it can also include conducting regularaudits andinspections, as well as implementing corrective measures in the event of non-compliance.
Tools and technologies to facilitate the KYS process
KYS specialized software solutions
Companies can use specialized supplier control software solutions to facilitate and automate the KYS process. These solutions generally offer functionalities such as corporate data collection and verification. Once the data has been retrieved, some enable risk calculation and report generation.
By using software tools, companies can streamline the process of collecting and analyzing supplier information. This reduces human error and improves the effectiveness of their compliance programs.
Using Artificial Intelligence in KYS
Artificial Intelligence (AI ) also offers promising possibilities for improving the KYS process. Companies can use machine learning algorithms to analyze large quantities of data. This makes it possible to detect patterns and anomalies that could indicate potential risks.
For example, AI can be used to analyze financial transactions, monitor social media and news, and identify suspicious behavior or practices among suppliers. This enables companies to identify risks more quickly and take preventive action.
Case studies: examples of companies and their approaches to KYS
Companies that have implemented best practices
Several companies have set up exemplary KYS programs. They demonstrate the importance and benefits of a proactive approach to supplier management. These companies include world leaders in various sectors, such as manufacturing, technology, finance and consumer goods.
For example, a leading technology company has developed a sophisticated supplier management system. This incorporates real-time monitoring tools and alert mechanisms to detect potential risks as soon as they arise. Thanks to this proactive approach, the company was able to reduce incidents of non-compliance and improve its reputation with stakeholders.
Consequences for companies that have neglected KYS
On the other hand, companies that neglect KYS run the risk of suffering serious consequences. These can include fines, litigation, financial losses and reputational damage. Several companies have faced scandals and regulatory investigations due to questionable business practices by their suppliers. This has resulted in considerable financial losses and irreparable damage to their brand image.
For example, a clothing manufacturing company faced accusations of child labor in its supply chain. These accusations led to product boycotts, lawsuits and a significant drop in sales. These consequences could have been avoided if the company had put in place appropriate controls to assess and manage the risks associated with its suppliers.
Best practices for implementing an effective KYS program
Management involvement
One of the first best practices for implementing an effective KYS program is active management involvement. Senior management must support and promote supplier compliance initiatives. These initiatives require adequate resources and clear objectives for the program.
Management must also regularly communicate the importance of KYS. But also about supplier compliance expectations at all levels of the organization. The aim here is to ensure greater buy-in and accountability.
Employee training
Another good practice is to provide adequate training for employees involved in the KYS process. This includes not only purchasing and compliance teams. But also operations, finance and HR managers who may be required to work with suppliers.
The training should cover topics such as:
- Applicable regulations
- Internal company policies and procedures
- All the tools and technologies used for KYS
- As well as best practices in due diligence and risk management
Working with suppliers
Finally, close collaboration with suppliers is essential to the success of the KYS program. Companies must work in partnership with their suppliers to ensure that they understand and meet compliance requirements. The company must help them to improve their business practices where necessary.
This may involve organizing regular meetings with suppliers to discuss compliance expectations. Providing educational resources and training can be another method. As well as setting up monitoring and reporting mechanisms to assess suppliers' compliance performance.
Conclusion
Summary of key points
The Know Your Supplier (KYS ) process has become an essential practice for companies wishing to effectively manage the risks associated with their suppliers. By actively identifying, evaluating and monitoring suppliers, companies can strengthen regulatory compliance, protect their reputation and improve operational performance.
In this article, we examine the importance of KYS for companies, as well as the international and national regulatory framework that frames this practice. We have also explored the stages in the KYS process, the tools and technologies available, and best practices for effective implementation.
