In part of our continuing coverage of rare earth metals and related minor metals, MetalMiner is pleased to welcome Mr. Lawrence Heim, Director of The Elm Consulting Group International, LLC, an independent environmental, health, and safety consulting practice, as a guest contributor. According to their website, Elm was engaged by a leading US-based electronics manufacturing industry association to conduct the first independent third-party Conflict Minerals supply chain traceability audits, supporting the association’s “Conflict-Free Smelter designation for tantalum.
Up until recently, substantive efforts related to conflict minerals have focused on “bag and tag programs at mines and voluntary procurement standards based on reputational risk concerns. In 2010, a leading US-based industry association of electronic manufacturers began field trials of a conflict minerals audit program based on tools developed by the association and an international non-governmental organization. Our firm, The Elm Consulting Group International LLC, was one of three firms invited to participate in the field trials; we subsequently conducted the first tantalum supply chain traceability audits encompassing sites in the US and Japan. We also had the opportunity to evaluate an additional site a scrap metal company in the US.
The major takeaways from our experience include:
- Supply chain auditing takes careful planning. The audit process is far more efficient if it begins close to the point of materials origin and works forward. Starting at the consumer/end use results in the audits being incomplete until all the preceding supply chain links are audited. Once the full chain is completely audited, all the open/incomplete reports must be amended.
- Even though the SEC’s jurisdiction is limited to publicly-traded companies, the conflict minerals audit mandate will directly impact non-publicly traded companies as they are likely to be part of the supply chain of directly-regulated companies. Information and audit requests will flow through the entire chain, which is the goal of the law.
- New information sources beyond facility/company files are needed. Some of this information is to be developed by the US government under the Law, but much will be left to the companies and auditors to locate on their own. SEC and other stakeholders have expressed concern about the veracity of the information regarding activities near the point of extraction/export. This information need creates an opportunity to leverage emerging information management technologies such as Sentiment360
- Material buyers are already demanding third party audits/evaluations, demonstrating hesitation to rely on self-declarations by suppliers. This indicates that, although SEC standards allow companies to conduct and rely upon internal due diligence activities and representations, market forces may push companies to engage third party auditors for all its conflict minerals evaluations and related statements.
- Auditor selection is critical to reducing risk. In the previous article, we discussed the SEC’s position in its proposal that they do not intend to establish specific guidance on the due diligence activities. Companies will be heavily dependent on auditors to understand the law and to implement regulations, and to determine what should constitute an acceptable audit scope. (Section 1502(b) of the Law specifically authorizes the SEC to deem audit activities and reports as “unreliable if SEC determines that those do not meet the Commission’s expectations or standards established.) But the risk extends far beyond potential SEC action: customers, the media and shareholders will all respond to the audit results.Ã‚Â There are a number of auditor certifications that could be considered applicable to this scope of audit, but none should be considered to automatically qualify an auditor for these engagements. These audits require a unique blend of expertise in general auditing processes/procedures, environmental knowledge, accounting basics, chemistry/industrial processes, procurement controls, contracts and supply chain fundamentals. Finally, the auditor must be able to execute the engagement in accordance with the auditor/engagement standards of the Government Auditing Standards, such as the standards for Attestation Engagements or the standards for Performance Audits (GAO07731G) GAO-07-731G contains standards on auditor independence. At this time and without further guidance from SEC it is unclear whether an audit sponsored, actively managed and reported through an industry association would conform to GAO-07-731G’s (or any other audit standard) standards on auditor independence. Associations consist of multiple members who have varying degrees of business relationships with each other and the audited entities, putting the auditor in a position of serving “multiple masters relative to influence over the audit scope, process, information, report and payment. Our research and inquiries to qualified experts in SEC auditing requirements indicates that there appears to be no precedent in any other legally-required audit in the US that has been fulfilled in this manner.
Other existing international standards, such as the Organization for Economic Cooperation and Development (OECD) draft Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and High-Risk Areas and the Supplement on Tin, Tantalum and Tungsten are currently voluntary standards and may not completely meet the SEC’s more stringent auditor standards.
The SEC’s audit cost estimate of $25,000 in their proposal is reasonable on a per-audit basis for a third party auditor, but not for a complete supply chain assessment/audit. The total program cost for a company will reflect internal labor effort costs for managing/supporting the external auditors, reviewing the audit report, and addressing customer/vendor requests that are sure to follow. Of course, these costs will increase to reflect the number of audits required. Our research indicates that some companies have well over 100 suppliers that will require an audit.
Click Below to Read Previous Posts: