sv
Menu

4. Prevent and mitigate (linkage)

Contract clause

​Supplier shall use its leverage to prevent and mitigate actual and potential adverse impacts linked to Supplier’s operations, by

a) assessing risk suppliers based on the commitments in the Supplier Code of Conduct and the due diligence process, with a particular focus on the most significant risks identified,
b) establishing action plans for risk suppliers, with a particular focus on the most significant risks identified,
c) cascading the commitments in the Supplier Code of Conduct (section 1) and the due diligence process (section 2) in writing to risk suppliers,
d) requiring risk suppliers to disclose their supply chains in accordance with the supply chain transparency requirement (section 4.4) and
e) ensuring the possibility of temporarily suspending deliveries from a sub-supplier while preventive and mitigating measures are implemented and, in the event of severe deviations that remain unaddressed, the possibility of terminating the contract with the sub-supplier concerned.

Leverage

You shall use your leverage to prevent and mitigate actual and potential adverse impacts linked to your operations.

Linkage

You are linked to adverse impacts caused by a sub-supplier or another actor in the supply chain.

The link arises through the connection between your operations, products, or services and the adverse impact.

Being linked to an adverse impact does not require a contractual relationship.

Examples of linkage

You sell computers whose supply chain includes cobalt that is mined using child labour.

You sell shirts whose supply chain includes home-based child labour in the garment manufacturing stage.

You sell bananas whose cultivation contributes to environmental pollution that adversely affects local communities and workers.

PAGE CONTENT

a) Assess risk suppliers

b) Establish action plans

c) Cascade requirements

d) Require disclosure of supply chains

e) Suspend or terminate contract

Templates process requirement 4

PROCESS REQUIREMENTS DUE DILIGENCE

1. Policies and responsibilities

2. Risk assessments

3. Prevent and mitigate (causation/contribution)

4. Prevent and mitigate (linkage)

5. Monitoring

6. Complaints

7. Remediation

RELATED LINKS SUPPLIERS

1. Supplier’s commitments

2. Supplier’s due diligence

3. Supplier’s reporting obligation

RELATED LINKS BUYERS

1. Prepare procurement

2. Carry out procurement

3. Manage contract

If you are linked to an adverse impact, you shall use your leverage to encourage the party causing or contributing to the adverse impact to cease, prevent, or mitigate it.

Leverage is considered to exist where you have the ability to effect change in the wrongful practices of the party causing or contributing to the adverse impact.

How you should act depends on the extent of your leverage, the severity of the adverse impact, and the relevant industry and business circumstances. Factors such as the degree of control, the significance of the business relationship, and your market influence may also affect which measures are appropriate.

Examples of how you can use your leverage:

  • Cascade the commitments and the due diligence process.
  • Require supply chain transparency from sub-suppliers.
  • Choose certified products.
  • Support sub-suppliers in developing and implementing action plans.
  • Monitor sub-suppliers’ actions to prevent and mitigate adverse impacts.
  • Engage in dialogue with sub-suppliers via letters, emails, calls, or meetings.
  • Build sub-suppliers’ capacity through training, upgrades of systems, and protective equipment.
  • Offer long-term contracts to sub-suppliers that improve their sustainability efforts.
  • Facilitate financing through loans, direct support, or low-interest rates.
  • Collaborate with other buyers through industry organisations and multi-stakeholder initiatives.
  • Support or encourage sub-suppliers’ participation in industry organisations and multi-stakeholder initiatives.
  • Collaborate with authorities to improve legislation, oversight, and enforcement measures.

If you do not have sufficient leverage, you should consider how it can be strengthened, for example by building long-term business relationships, using commercial incentives, engaging with the supplier’s management, or collaborating with other actors in the industry and in multi-stakeholder initiatives.

The contract clauses set out five ways of exercising leverage. The requirements are risk-based, meaning that the measures in sections (a)–(d) shall be applied to suppliers identified as risk suppliers. Information on how to identify risk suppliers is provided in process requirement 2. Risk Assessments. The requirement in section (e) applies to all sub-suppliers.

a) Assess risk suppliers

You shall assess risk suppliers based on the commitments in the Supplier Code of Conduct and the due diligence process, with a particular focus on the most significant risks identified.

Supplier assessments are distinct from risk assessments. Risk assessments identify the most significant risks, whereas supplier assessments evaluate how well risk suppliers:

  • manage those risks; and
  • implement due diligence.

This means that the term supplier assessment is used in a broad sense in this guidance. It may encompass different forms of supplier assessments and selection processes, such as qualification, site visits, inspections, audits, as well as how tenders are evaluated in a procurement process through award criteria.

Questionnaires

Questionnaires are often used to qualify new suppliers and monitor existing suppliers. The assessment is based on information and documentation provided by the supplier itself.

Questionnaires can be designed in Excel, Word, or platforms and may consist of your own questions or standardised questions provided by the platform provider. The questions should cover both due diligence and the most significant risks that have been identified. To ensure reliability, the supplier should substantiate its responses with relevant documentation.

We have developed a questionnaire containing questions that address:

  • due diligence for responsible sourcing
  • traceability and transparency
  • the most significant risks.

The due diligence questions are available at three different levels: frontrunner, advanced, and basic. Guidance is provided to help you select the appropriate level based on the supply chain risk, the size of the suppliers, and the sustainability maturity of the industry.

You may choose whether to use the different categories of questions as qualification criteria or award criteria.

The questionnaire is available at Templates process requirement 4. There is no requirement to use our questionnaire.

Site visits and inspections

If you have the capacity and leverage to carry out site visits or inspections, these should cover actual and potential adverse impacts on people, the environment, and society, not only product quality or the supplier’s production capacity. Key aspects of site visits and inspections include:

  • Review of policies and documents, including recruitment guidelines, contracts, wage payments, work schedules, time records, and overtime compensation.
  • Interviews with workers to identify risks.
  • Inspection of facilities, including accommodation, to assess health, safety, and environmental conditions.
  • Consultation with local organisations and human rights defenders to understand impacts on communities.
  • Mapping of interactions with authorities, such as permits, supervision, and tax and customs payments.

Third-party audits

Third-party audits are supplier assessments conducted by independent auditors within the framework of multi-stakeholder initiatives or standard systems, such as amfori BSCI, SMETA, and SA8000. The results are documented in an audit report and may be supplemented with corrective action plans.

If you are a member of a multi-stakeholder initiative or use a standard system, you should ensure that the system’s requirements and methodology are regularly evaluated in relation to your operational needs and the risks to be managed.

Even if you are not a member of an initiative or system, you can ask the supplier to share audit reports. It is often in suppliers’ interest to share such information in order to avoid repeated audits and inspections. However, you should always review the methodology, the scope of the audit, and the auditors’ independence before using the results.

Particular focus on the most significant risks

As with all due diligence, focus shall be on the most significant risks, assessed based on their likelihood and severity. This means that supplier assessments shall reflect your risk prioritisation.

For support on how to prioritise risks based on likelihood and severity, see process requirement 2. Risk assessments.

Suggested verifications

  • Instructions describing how you assess risk suppliers based on the commitments and the due diligence process, with particular focus on the most significant risks that have been identified.
  • Qualification and award criteria, for sample products.
  • Questionnaires, for sample products.
  • Reports from site visits or inspections, for sample products.
  • Third-party audits, for sample products.

Guidance for auditor

Fulfils requirement

The company has instructions or equivalent documentation/templates that describe how it assesses risk suppliers based on the commitments and the due diligence process, including:

  • How supplier assessments cover the risk supplier’s due diligence.
  • How supplier assessments target the most significant risks identified, which assumes that there is a risk assessment.
  • How supplier assessments are carried out — through questionnaires, site visits, inspections or by obtaining third-party audit reports.

Supplier assessments are available for sample products and these cover both the supplier’s due diligence and the most significant risks identified.

Does not fulfil requirement

The company lacks instructions or equivalent documentation/templates that describe how it assesses risk suppliers based on the commitments and the due diligence process, or they are incomplete:

  • Supplier assessments do not cover the risk supplier’s due diligence.
  • Supplier assessments do not focus on the most significant risks identified, for example because there is no risk assessment.
  • It is not clear how supplier assessments are carried out — through questionnaires, site visits, inspections or by obtaining third-party audit reports.

Supplier assessments for sample products are missing or incomplete. Examples of shortcomings may include that they only cover the supplier’s due diligence or the most significant risks identified.

b) Establish action plans

You shall establish action plans for risk suppliers, with a particular focus on the most significant risks identified.

The requirement concerns your own measures to prevent and mitigate supply chain risks. Therefore, this does not refer to the corrective action plans that risk suppliers develop as a result of site visits, inspections, or audits. The action plans shall describe how you intend to prevent and mitigate the identified risks. They should include both:

systematic measures that strengthen your due diligence, such as supplier assessments, contractual terms, follow-up (including risk suppliers’ action plans), and capacity-building efforts, and

targeted measures tailored to the most significant risks that have been identified.

The action plans shall be documented and include:

  • Measures – descriptions of how you will prevent and mitigate the adverse impact.
  • Timeframes – dates by which the measures must be implemented.
  • Responsible persons – individuals responsible for implementing the measures.

​In our supply chain risk assessment template, available at Templates process requirement 4, you are supported in identifying both systematic and targeted measures.

Below are proposed measures linked to the examples above.

Examples of linkageProposed measures
You sell computers whose supply chain includes cobalt that is mined using child labour.Require traceability to smelters, refineries, and, where possible, the mine. Influence the brand to carry out risk-based due diligence and take action against child labour in cobalt mining. Terminate the cooperation if the supplier is not willing to improve its practices.
You sell shirts whose supply chain includes home-based child labour in the garment manufacturing stage.Emphasise that child labour must not occur and follow up to ensure that the supplier takes measures to facilitate the transition away from child labour. Terminate the cooperation if the supplier is not willing to improve its practices.
You sell bananas whose cultivation contributes to environmental pollution that adversely affects local communities and workers.Choose bananas from certified suppliers with requirements for reduced environmental impact and improved working conditions. Follow up to ensure that suppliers are working to reduce pollution and protect local communities and workers.
Particular focus on the most significant risks

The measures shall be based on the most significant risks, assessed in terms of likelihood and severity. This means that the most severe risks must be addressed first.

In the example of child labour above, there are likely other risks in the factory, such as excessive overtime. Since child labour is likely one of the most significant risks, it should be prioritised.

Timeframes need to be established based on the circumstances of each individual case. Once the most significant risks have been addressed, work should continue with the next risk in order of priority.

For guidance on how to prioritise risks based on likelihood and severity, see process requirement 2. Risk assessments.

What about certified products?

Choosing certified products is a risk mitigation measure, not a substitute for due diligence.

Certifications can reduce the risk of adverse impacts, but they cannot guarantee that such impacts do not occur. It is therefore important to understand what risks exist and how they should be prevented and mitigated.

If you choose certified products as a risk mitigation measure, this should be documented in the action plan.

Suggested verifications

  • Instructions describing how you establish action plans for risk suppliers, with a particular focus on the most significant risks identified.
  • Action plans for suppliers of sample products.

Guidance for auditor

Fulfils requirement

The company has instructions or equivalent documentation/templates that describe how it establishes action plans for risk suppliers/prioritised purchasing categories, including:

  • How the action plans take aim at the company’s own actions.
  • How the action plans focus on the most significant risks.
  • How the action plans include measures, timeframes, and responsible persons.

There are action plans for sample products and these take aim at the company’s own actions, focus on the most significant risks and include measures, timeframes and responsible persons.

Does not fulfil requirement

The company lacks instructions or equivalent documentation/templates that describe how it establishes action plans for risk suppliers/prioritised purchasing categories, or they are incomplete:

  • It is not clear that the action plans take aim at the company’s own actions.
  • It is not clear that the action plans focus on the most significant risks.
  • The action plans lack measures, timeframes or responsible persons.

Action plans for sample products are missing or incomplete. Examples of shortcomings may be that they do not target the company’s own actions, do not focus on the most significant risks and/or do not include measures, timeframes and/or responsible persons.

c) Cascade requirements

You shall cascade the commitments in the Supplier Code of Conduct and the due diligence process in writing to risk suppliers. ​​​

This is normally done through contract clauses and codes of conduct.

You are not required to use the regions’ Supplier Code of Conduct, but you should, as far as possible (through comparison), ensure that equivalent commitments are cascaded. We also describe below how you can handle multi-stakeholder initiative codes of conduct, brands that do not sign codes of conduct, and sustainability declarations.

Regarding the due diligence process, it is sufficient that you require risk suppliers to work in line with the UN Guiding Principles on Business and Human Rights and the OECD Due Diligence Guidance for Responsible Business Conduct. If you choose to use the European Model Clauses, these contain sufficient provisions.

Multi-stakeholder initiative codes of conduct

Sub-suppliers often have many customers and supply multiple industries. It may therefore be impractical to unilaterally apply your own requirements without considering the expectations of other customers or initiatives.

You can therefore follow international or industry-specific standards. However, these should be compared with the commitments. In the event of discrepancies, you should work within the initiative to harmonise the standards with the requirements.

Brands that do not sign codes of conduct

Some sub-suppliers, particularly multinational brand owners in industries such as footwear and electronics, do not sign the codes of conduct of smaller resellers.

In such cases, you should compare the brand owner’s policies with the commitments. In the event of discrepancies, you may consider joining a multi-stakeholder initiative to strengthen your leverage.

Sustainability declarations

The regions and Adda can support the cascading of requirements through sustainability declarations in the tender process. These relate to brand owners’ commitments and due diligence processes, rather than resellers’ requirements.

Declarations can be used in industries where resellers have limited leverage, such as electronics and automotive. You are responsible for forwarding the declaration to the brand owner, who signs it. You then submit it with the tender.

This does not replace your responsibility for the contract clauses. All communication takes place via you, but the arrangement can strengthen impact by making the requirements visible to the brand owner.

Suggested verifications

  • Instructions for the cascading of the commitments and the due diligence process.
  • Contract clauses covering the commitments and the due diligence process, for sample products.
  • Signed codes of conduct, for sample products.
  • If you use a multi-stakeholder initiative’s code of conduct: a comparison of the code of conduct against the commitments and a description of how you work to ensure the initiative revises the code, where necessary.
  • If you sell goods from a brand that does not sign your code of conduct: a comparison of their code of conduct against the commitments and a description of any measures taken to increase your influence.
  • Signed sustainability declarations, for sample products.

Guidance for auditor

Fulfils requirement

The company has instructions or equivalent documentation/templates that describe how it cascades the commitments and due diligence process in writing to risk suppliers, including:

  • How this is done through contract clauses and codes of conduct.
  • How the risk supplier is required to, in turn, cascade the commitments and due diligence process.

There is evidence to show that the commitments and due diligence process have been cascaded for sample products.

  • If a multi-stakeholder initiative code of conduct is used, the company has compared the code with the commitments and can explain how it is working to influence the initiative to revise the code, where needed.
  • If the company sells products from a brand that does not sign the company’s code of conduct, the company has compared the brand’s code of conduct with the commitments.
  • If the contracting organisation uses sustainability declarations, these are signed by the brands.
Does not fulfil requirement

The company lacks instructions or equivalent documentation/templates that describe how it cascades the commitments and due diligence process in writing to risk providers, or they are incomplete:

  • It is not clear that the commitments and/or due diligence process are cascaded through contract clauses or codes of conduct.
  • There is no requirement for the risk supplier to, in turn, cascade the commitments and due diligence process.

There is no evidence to show that the commitments and due diligence process have been cascaded for sample products, or it is incomplete:

  • The commitments have been cascaded but not the due diligence process.
  • The company uses a multi-stakeholder initiative code of conduct without having compared the code with the commitments and/or without being able to explain how it works to influence the initiative to revise the code, where needed.
  • The company sells products from a brand that does not sign the company’s code of conduct, without having compared the brand’s code of conduct with the commitments.
  • Signed sustainability declarations are missing.

Policies that have been updated after audit have not been cascaded to risk suppliers.

d) Require disclosure of supply chains

This requirement is adapted by the regions in each procurement, depending on the complexity, risks, and maturity of the industry. As a minimum, it covers the final manufacturing facilities, see 1. Prepare procurement.

Requiring risk suppliers to disclose their supply chains leads to better supply chain mappings, more robust risk assessments, and more effective measures to prevent and mitigate risks.

Suggested verifications

  • Contract clauses for sample products, requiring risk suppliers to disclose their supply chains in accordance with the transparency requirement in the specific contract.

Guidance for auditor

Fulfils requirement

The company has instructions or equivalent documentation/templates that describe how it sets requirements for supply chain transparency.

The contracts with the suppliers of the sample products contain provisions requiring them to disclose their supply chains at least in accordance with the contracting authority’s transparency requirements. These requirements may also have been communicated through dialogue with the supplier (records of discussions or email correspondence are required).

Does not fulfil requirement

The company lacks instructions or equivalent documentation/templates that describe how it sets requirements for supply chain transparency.

The contracts with the suppliers of the sample products do not contain provisions requiring them to disclose their supply chains at least in accordance with the contracting authority’s transparency requirements. Nor have these requirements been communicated through dialogue with the supplier (records of discussions or email correspondence are required).

e) Suspend or terminate contract

You shall ensure the possibility of temporarily suspending deliveries from a sub-supplier while preventive and mitigating measures are implemented and, in the event of severe deviations that remain unaddressed, the possibility of terminating the contract with the sub-supplier concerned.

There are several ways to address adverse impacts within a business relationship:

  • Continue while risk mitigation measures are being implemented.
  • Temporarily suspend (e.g. stop deliveries) while risk mitigation measures are underway.
  • Terminate if risk mitigation efforts fail, are not feasible, or if the impact is severe.

The decision should be based on factors such as how critical the sub-supplier is to your business, your legal and practical ability to influence the situation, including your leverage, and the potential consequences of termination.

Crucial sub-supplier

A sub-supplier is considered critical if it provides a good or service that is essential to your operations and there are no reasonable alternatives available. An example is when your business depends on a rare earth mineral for a core product, and extraction or refining is only available in high-risk areas.

Responsible exit as a last resort

You should only consider terminating a business relationship as a last resort. This may be appropriate:

  • after unsuccessful attempts to prevent or mitigate adverse impacts,
  • where the harm cannot be remediated (e.g. state-imposed forced labour),
  • where there is no reasonable prospect of change, or
  • where severe adverse impacts have been identified and the responsible party fails to take immediate action to prevent or mitigate them.

If you decide to terminate the business relationship, you should first identify and assess any adverse impacts that the termination itself may cause. This follows from process requirement 2. Risk assessments.

Where termination is assessed as the most appropriate measure, you should ensure that it is carried out responsibly by:

  • complying with applicable national laws, international labour standards, and collective bargaining agreements,
  • communicating escalation measures to the sub-supplier in advance,
  • informing the sub-supplier’s management and relevant trade union representatives of the decision and the reasons for it, and
  • where possible, providing reasonable notice before termination.

Suggested verifications

  • Instructions describing how you ensure the possibility of temporarily suspending deliveries from a sub-supplier while preventive and mitigating measures are implemented and, in the event of severe deviations that remain unaddressed, the possibility of terminating the contract with the sub-supplier concerned.
  • Contract clauses for sample products, which allow for the temporary suspension of deliveries while preventive and mitigating measures are implemented, and termination of the contract in case of severe deviations.

Guidance for auditor

Fulfils requirement

The company has instructions or equivalent documentation/templates that describe how it can suspend deliveries from a sub-supplier while preventive and mitigating measures are implemented, as well as terminate the contract with the affected sub-supplier if severe deviations are not addressed.

The contracts with the suppliers of sample products contain conditions that enable the company to temporarily suspend deliveries while preventive and mitigating measures are implemented, as well as terminate contracts if severe deviations are not addressed.

Does not fulfil requirement

The company lacks instructions or equivalent documentation/templates that describe how it can suspend deliveries from a sub-supplier while preventive and mitigation measures are implemented, and/or terminate the contract with the relevant sub-supplier if severe deviations are not addressed.

The contracts with the suppliers of sample products lack conditions that allow the company to temporarily suspend deliveries while preventive and mitigating measures are implemented, and/or terminate contracts if severe deviations are not addressed.