Global agendas power compliance concerns; IT tools for coping
When OptiMedica outgrew its Intuit QuickBooks-based financial management system, the 30-employee company started a systems search that led it to the Microsoft Dynamics GP ERP platform. Founded in 2004, and growing rapidly upon FDA approval of the core technology embedded in its products, the Santa Clara, Calif.
When OptiMedica outgrew its Intuit QuickBooks-based financial management system, the 30-employee company started a systems search that led it to the Microsoft Dynamics GP ERP platform. Founded in 2004, and growing rapidly upon FDA approval of the core technology embedded in its products, the Santa Clara, Calif.-based medical device manufacturer confidently expects the Microsoft Dynamics GP solution to scale to meet its stated goal of achieving $1 billion in sales revenues.
Just as important, the ERP platform puts built-in compliance capabilities for FDA regulations and ISO quality standards on the table. The change history for controlled processes, for example, is now stored in a separate database, thus meeting FDA Part 11 requirements. Microsoft Dynamics GP also supports standard processes to track and manage major and secondary compliance controls, thus providing more accurate information for audits.
“We're implementing procedures now that will help us track potential control issues,” says OptiMedica's Director of Finance, Dave Satterfield. “Within two clicks of a mouse, we basically have all the information we need to get things done.”
For most of the last five years, the world of compliance has largely centered on financial disclosure and Sarbanes-Oxley. But with Sarbanes-Oxley now regarded as “business as usual”—even as business leaders and politicians continue to voice concerns over its effectiveness—attention is turning to other legislative requirements, and the tools and technologies that can assist compliance.
As it turns out, it's the growing importance of the global supply chain that's powering compliance concerns. There's no doubt that the costs of compliance are moving up the corporate agenda.
“Being able to comply is business-critical, but all our research shows that ease of compliance is very high on customers' lists of requirements,” says Thomas Parbst, worldwide Microsoft Business Solutions industry marketing manager for manufacturing. While industries such as food and pharmaceutical manufacturing are predictably in the front line, he adds, the pain is being shared in many other industries too—even in consumer products, as concerns mounts over quality and safety issues.
Indeed, adds Pamela Lopker, president and founder of ERP vendor QAD , the integrity of the manufacturing supply chain is an area of growing concern—one that predates multiple product recalls from El Segundo, Calif.-headquartered Mattel that are fueling the fire.
“It's critically important when you're dealing with components and ingredients to be able to trace back the suppliers and lots that were involved—and then be able to look at the incoming inspection reports and quality assessments,” says Lopker. “From a systems perspective, lot traceability, serial number traceability, lot control, and the ability to deploy identification technologies such as bar-coding and RFID are the fundamental building blocks of that compliance.”
What's more, the greater the granularity of the information captured through such processes, the greater the precision with which problems can be pinpointed.
“It's one thing to know about an issue with a particular batch of components, and quite another to know which machines and tooling were used in their manufacture—and where the final products were shipped,” observes Lopker. “Why recall 200,000 products if you only need to recall 20,000, or even just 2,000 products?”
That said, prevention is better than cure. And another prevailing thrust among contemporary compliance initiatives is to minimize the need to track noncompliant components through the supply chain in the first place by attempting to ensure that they are sourced only from suppliers that meet appropriate standards.
Take supplier management and assessment Web portal Achilles , for example, which began life in 1990 as a collaborative venture by oil companies seeking to reduce the cost of prequalifying suppliers. Today Achilles vets more than 30,000 suppliers on behalf of 500 of the world's largest companies, including 31 of the Fortune 100. With ethical sourcing and social responsibility firmly on buyers' agendas, says Chief Executive Colin Maund, the challenge lies in moving beyond mere “box ticking” exercises, and making judgments about the caliber of the underlying supply chain and manufacturing processes.
This past October, San Francisco-based fashion retailer The Gap became merely the latest high-profile business to be embarrassed by evidence of child labor being employed in the factory of one of its Indian subcontractors. Within hours of TV footage showing child labor being broadcast, company President Marka Hansen was issuing statements declaring that its prohibition of child labor in its contracts “was non-negotiable,” while spokespeople defended The Gap's ethical record, pointing to the 90 full-time inspectors policing its 2,000-strong global supplier base—of which no fewer than 200 companies are in India alone.
“While violations of our strict prohibition on child labor in factories that produce product for the company are extremely rare, we have called an urgent meeting with our suppliers in the region to reinforce our policies,” said Hansen, adding that The Gap has “one of the industry's most comprehensive programs in place to fight for workers' rights overseas.”
But The Gap—with its own extensive supplier monitoring team—is in a minority, as most manufacturers are forced to rely on third-party checks from specialists like Achilles. Yet one of the biggest challenges that Achilles itself faces in helping manufacturers avoid such pitfalls, says Maund, lies in figuring out just how serious buyers in customers' purchasing organizations really are about ethical sourcing compliance.
“You really have to work with the buying organization and determine that they want to do something about it,” he says. “It's one thing to have a fancy-sounding statement on your Web site, and quite another to have the capability and processes to carry that through to factory floors. Tokenism is rife.”
Nor, he believes, does noncompliance come about accidentally. Having witnessed how major brands like Beaverton, Ore.-based Nike have been weighed down by ethical sourcing scandals, Western manufacturers' and retailers' contracts now routinely contain clauses prohibiting child labor and unfair employment practices—backed up by audits.
But the audits can be few and far between, and are sometimes carried out by people only woefully equipped to perform them.
“We've seen appalling audit reports,” says Maund. “Just looking at manuals of procedures isn't enough. You have to look at the actual manufacturing operation, and the supply chain behind it. It's not that some of the people in factories overseas haven't heard of ethical and social-responsibility standards—they have, but they're also good at putting up a front.”
And globalization poses still other compliance challenges. Even if suppliers are pursuing ethical employment practices, the whole business of international trade imposes a wide range of other mandated requirements, ranging from the avoidance of trade with so-called denied parties—such as terrorist fronts and listed overseas government agencies—to compliance with customs and documentation requirements.
Pro-forma invoices, commercial invoices, packing lists, import and export declarations, and letters of credit comprise the required documentation. Noncompliance can delay shipments at customs points for hours, days, or even weeks.
For exporters, the consequences range from disrupted cash flow through to—in the case of a denied parties infringement—prosecution by the Office of Export Enforcement, an agency of the Bureau of Industry and Security within the Commerce Department. For importers, the impact is just as bad: stalled production lines, empty shelves, and sky-high air freight costs as they struggle to source replacement product.
At the international trading arm of Anglo-Dutch steel giant Corus , headquartered in London, it was the recognition that its existing legacy systems were struggling to cope with these requirements that prompted the search for an alternative system. It was a search that ultimately led to global trade management specialist Kewill , explains Graham Royle, Corus International information systems manager.
In part, says Royle, the decision reflected a desire to reduce the sheer costs of compliance with customs requirements.
Also important was a system that was compatible with the relatively fluid legal requirements of the U.S., the U.K., and United Arab Emirates—each of which Corus has significant trading operations. But with an ongoing move to Microsoft Dynamics NAV ERP system under way, “We also needed a modern, world-class, flexible export documentation system that would integrate with our new ERP system, and allow us to leverage enterprisewide information for greater efficiency,” says Royle.
Not to mention accuracy, since simple transcription errors still dog a significant proportion of manually prepared sets of export documentation, adds Kewill's Marketing Director, Rob Smith.
“A surprising number of companies still prepare export documents using typewriters—but even with word-processing or spreadsheet templates, mistakes are still an issue,” explains Smith. Sourcing the data to populate customs documentation from the business's underlying transaction system makes obvious sense.
The European Union, too, is complicating the compliance agenda. Most manufacturers now are aware of Europe's Waste Electrical and Electronic Equipment Directive—i.e., the WEEE Directive—and especially its Restriction on the Use of Certain Hazardous Substances in Electrical and Electronic Equipment Directive—i.e., the RoHS Directive. But far fewer have heard of another piece of EU legislation: Europe's Council Directive 2001/115/EC—i.e., Directive 115.
Directive 115 replaces previous legislation—some going back to 1978—and stipulates in which circumstances electronic invoicing is permissible, and precisely which information needs to be included within an invoice for it to be legally correct from the point of view of Europe's VAT tax law. Significantly, the provisions apply to paper invoices, too. If a paper invoice doesn't contain the fields mandated for an e-invoice, it too is noncompliant.
Broadly speaking, Directive 115 is to be welcomed, says Andrew Bartolini, a research director at Boston-based Aberdeen Group .
“Not without contention, the EU made a positive move forward with Directive 115, and set the foundation for e-invoicing standardization,” says Bartolini. “Certainly, other regions lag far behind, and should only be so 'lucky' as to have an issue like Europe's VAT tax to serve as a catalyst.”
But for manufacturers with operations inside Europe—or trading with Europe—Directive 115 poses a distinct problem. European Union member states, it seems, have interpreted the legislation in different ways, with Germany, for example, taking a much tougher stance than, say, France or the U.K.
Spend management solutions vendor Ariba launched a fully Directive 115-compliant solution in March 2007, more than five years after the directive came into force.
“While we were able to offer a generic level of compliance, we weren't able to reflect specific country-level implementations of the directive, and the workarounds and paper processes our customers had to develop were hindering our ability to sell in Europe,” concedes Christopher Eyerman, Ariba director for electronic invoicing, presentment, and payment. The differences between different countries' interpretations of the rules may only have been relatively minor, he adds, but achieving full compliance “still involved a lot of effort in getting it right.”
It's a view that neatly echoes the attitude of many manufacturers toward the broader world of compliance. Their only comfort: If compliance is expensive, try noncompliance.