
Navigating ESG due diligence in vendor assessment

Thomson Reuters Tax & Accounting  

· 7 minute read

Understanding ESG-specific supply chain risks, a checklist for assessing vendors, tips on communicating expectations, and more.

The need for large corporations to conduct environmental, social, and governance (ESG) due diligence in their supply chains is rapidly becoming a mandatory piece of the corporate compliance puzzle.

In 2025, the European Union’s Corporate Sustainability Reporting Directive (CSRD) goes into effect—legislation that includes a long list of compulsory disclosure requirements related to corporate governance and sustainability.

In the United States, where ESG reporting directives have received some pushback, the Securities and Exchange Commission has nevertheless adopted a series of climate-related disclosure rules for public companies. And in 2023, the state of California enacted SB 253 and SB 261, measures that require large companies operating in the state to disclose greenhouse gas emissions and various other climate-related risk factors.

Legal requirements aside, ESG principles have also become the defining metrics of so-called “stakeholder” capitalism—an approach to business that views sustainability and fairness as a primary source of customer loyalty and long-term value.

ESG and supply chains 

Supply chains are especially important for ESG compliance because they involve all the components and materials that go into a company’s product(s). If a supply chain includes a multitude of vendors around the world, any one of them could represent a risk to the company’s reputation and financial stability.

So, as global regulatory bodies pass stricter rules for ESG compliance and adherence to ESG principles becomes an increasingly important measure of responsible corporate behavior, companies themselves must develop more thorough systems and processes for ESG assessment and reporting.

What is ESG due diligence?

ESG due diligence is the process by which a company assesses performance and risk factors related to the company’s environmental, social, and governance practices. When applied to the supply chain, ESG due diligence typically involves vetting vendors to ensure that they are operating ethically and sustainably and do not present any obvious risk factors, such as the use of child labor. 

Environmental factors are also an important component of ESG due diligence. Energy efficiency, waste management, environmental impact, carbon emissions—all are indicators of a company’s commitment to ESG principles. Requiring vendors in the supply chain to adhere to these principles is an important step toward ensuring that a company is meeting its ESG obligations and operating in an ethical, sustainable manner.

Understanding ESG risks in the supply chain

ESG compliance isn’t easy, though. Global supply chains are complex, multi-dimensional organisms, and as such they are susceptible to a wide range of risks. Among the most serious risks are:

Environmental risks

Climate impact: The “E” in ESG covers a wide range of sustainability measures, but it also refers to risks from extreme weather events and changing climate patterns, which can disrupt trade routes and impact the flow of components and raw materials. 

Deforestation/land management: Corporate practices that contribute to deforestation and the disruption of natural ecosystems are high on the list of ESG violations that enrage climate activists—and, increasingly, investors and consumers. 

Social risks

Human rights/labor exploitation: In the US and many other countries it is simply illegal to contract with suppliers known to use forced or child labor, or that are engaged in other types of human rights violations.

Health and safety: Multinational corporations (MNCs) are responsible for ensuring that the working conditions in their supply chains are safe. MNCs are also obligated to address poor working conditions at supplier companies that are failing to meet the company’s established standards.

Governance risks

Unethical business practices: Part of ESG due diligence is ensuring that supplier companies operate ethically. Difficulties can arise in countries where corruption and bribery are commonplace, but it is still the parent company’s responsibility to ensure that all business in its supply chain is conducted ethically and legally.

Transparency issues: Obtaining ownership information and other key data from far-flung suppliers can be difficult as well, especially Tier 2 and 3 suppliers. A lack of transparency in these areas can be costly, so thorough due diligence is essential.

In addition to the risks cited above, failure to comply with ESG rules can result in financial penalties, reputational damage, inventory shortages, production delays, and loss of consumer trust, as well as increased scrutiny/criticism from investors, consumers, regulators, the media, and other interested stakeholders.

ESG due diligence checklist: What to look for when assessing a vendor

The best way to ensure ESG compliance in the supply chain is to vet new vendors before any issues arise. The following is a list of ESG-related factors that should be considered before onboarding new vendors, though the same basic principles apply to periodic assessments of existing vendors as well.

ESG-related issues to look for in a new vendor: 

  • A history of ethical business dealings and associations
  • Transparency when asked to disclose ESG-related information
  • Previous knowledge of—and compliance with—ESG benchmarks
  • Established policies against bribery and corruption
  • Willingness to share knowledge of where materials and components are sourced
  • Responsible waste-management practices
  • Safe, energy-efficient manufacturing processes and facilities
  • No history of labor exploitation
  • Alignment of stated policies and actual practices
  • Competent leadership, including owners, board, management
  • Stable financials and business relationships
  • Willingness to improve ESG performance if necessary

How to communicate ESG expectations to vendors

Once a new vendor is onboarded, it is essential for the parent company to communicate regularly with the vendor about the importance of meeting ESG benchmarks, as well as the consequences of non-compliance.

The company’s expectations should be spelled out clearly in a policy statement or supplier code of conduct—or be incorporated into the company’s Know Your Vendor (KYV) program—and the vendor’s performance should be reviewed periodically to ensure compliance. Areas of improvement can also be identified in such reviews, as well as appropriate goals and benchmarks to measure the vendor’s progress.

Regardless of how it is accomplished, however, relevant ESG criteria should be baked into the process for selecting and evaluating vendors, and communication channels with suppliers should be open and ongoing. Some companies even hold supplier conferences and/or provide training on ESG requirements for suppliers that request it.

Staying ahead of ESG requirements

In practice, however, meeting ESG benchmarks and staying current with ever-evolving ESG requirements is all but impossible without the help of advanced technologies like generative AI. Some ESG reporting requires constant monitoring and data collection, after all, and the increasingly granular nature of the data required means companies need to invest in ESG reporting software to help them collect and analyze all that data. And without dedicated software, the ESG reporting burden can be overwhelming.

ESG due diligence in the supply chain also requires a level of transparency and visibility that only advanced technologies can provide; otherwise, it is virtually impossible to hold vendors accountable.

Remember, the purpose of ESG due diligence assessments is to identify and eliminate any potential risks to the organization, and to ensure that a company’s entire supply chain reflects the values espoused in the company’s mission statement and by-laws. Only by creating a thorough, transparent ESG compliance process can companies dedicated to ESG principles forge that essential bond of trust with stakeholders upon which sustainable profitability is built.
