Tag Archives: csr

UPDATED ALERT: Piwowar Issues New Statement on Conflict Minerals Rule in Response to Closure of NAM v. SEC Lawsuit, Stein Pushes Back

SEC Acting Chairman Michael Piwowar and the SEC Division of Corporation Finance Staff both issued statements today (April 7, 2017) on the conflict minerals rule in light of the final Court action in NAM v. SEC.

The statements from both Staff and Acting Chairman Piwowar clarify that the Commission does not intend to recommend enforcement against any issuer that does not file a CMR or conduct due diligence of its smelters/refiners.  The statements do not amend the language of the rule itself to eliminate the CMR and due diligence requirement – they only clarify that no enforcement action will be taken if an issuer triggers the CMR/due diligence mandate, but files only the basic Form SD.

Reuters reported that the only other currently-sitting Commissioner, Kara Stein, took issue with Piwowar’s unilateral action :

The move sparked backlash from SEC Democratic Commissioner Kara Stein, who accused Piwowar of acting beyond his authority to gut the meat of a rule mandated by Congress, adopted by the SEC and reviewed by the courts.

“It is unprecedented for one commissioner, acting alone and without official notice and comment, to engage in de facto rulemaking,” she said.  “It represents a troubling attack not only on the Commission process, but also on the restraints of government power.”

We will continue to monitor new developments and keep you informed.  In the meantime, please do not hesitate to contact us with any questions.

BREAKING: Senator Warren Seeks Investigation into Acting SEC Chairman Piwowar’s Authority to Reconsider Conflict Minerals Rule

Someone please pass the dramamine…

Just when you think the political turbulence on the conflict minerals rule is over, we fly right into another storm.

Yesterday, Senator Elizabeth Warren, along with Senators Sherrod Brown, Robert Menendez and Brian Schatz, submitted a pointed letter to the Securities and Exchange Commission Inspector General Carl Hoecker asking for an investigation into recent actions taken by Securities and Exchange Commission (SEC) Acting Chairman Michael Piwowar.  One of the actions Senator Warren wants reviewed is the January 31, 2017 statement from the Acting Chairman directing the staff to reconsider the conflict minerals rule.

Key excerpts from her letter are below.

Commissioner Piwowar evidently required reconsideration of the guidance on this congressionally mandated rule- which concerns disclosures about conflict minerals originating from the Democratic Republic of Congo and adjoining countries – based exclusively on stories he heard while “visiting Africa last year.” Commissioner Piwowar claims to have “heard first-hand from the people affected by this misguided rule,” and asserts that the rule is putting mining operators out of business while potentially undermining U.S. national security interests.

Commissioner Piwowar has long disliked this required rule, calling it “yet another situation where politically-connected special interests are using shareholder resources to push their own agenda.” But Commissioner Piwowar’s personal distaste for a congressional mandate is not sufficient grounds to attempt to weaken a final rule that has been approved by the SEC. We are also concerned that Commissioner Piwowar appears to have directed the agency staff to undertake this review before consulting with his only fellow Commissioner and seeking her approval.

At his confirmation hearing, SEC Chair-nominee Jay Clayton testified that he … had no specific plans to revisit any Dodd-Frank- mandated rules.

Commissioner Piwowar has “exert[ed] unusual authority for an acting agency chair,”  We ask that you conduct an investigation into each of these decisions to determine whether they are legally permissible…  we ask you specifically investigate the following: …

Did Commissioner Piwowar provide a valid substantive justification for these changes?

Did Commissioner Piwowar provide adequate public notice and comment periods, and did he follow all required SEC guidelines and rules for taking action, including the SEC’s quorum requirements?

Is Commissioner Piwowar carrying out these actions at his own initiative, or has he consulted with, or received direction from, anyone within or outside the Administration?

We will continue to monitor this situation – and will stock up on dramamine.  We’ll try to get enough to share.

New Comments to SEC Show Ongoing Misunderstanding, Excess Spending for Conflict Minerals Rule

The new public comment period initiated by SEC Acting Chairman Michael Piwowar is now closed and we have reviewed almost all the submittals.  What is surprising is that there still seems to be significant misunderstanding or interpretations of the rule, and some issuers are spending far more than is likely necessary.  The following comments and estimates that caught our attention:

  • Two industry groups cite a company spending $10 million in initial implementation costs and $3 million in ongoing costs (most likely the same company).  We were shocked to see those numbers.  No client of ours, nor any of the many Fortune 500 we have direct or indirect contact with, has expended that much in relation to the Rule.  
  • One company is cited as needing 7 months to survey 300 suppliers.  If that is indeed current information, there are most likely program implementation approaches available that the company is unaware of, or has chosen not to pursue.
  • Another commenter privately disclosed their cost and associated scope of their efforts to us in an email dialogue.  Based on our understanding, that company is expending approximately 90% more effort than needed.  They have received poor guidance on the rule or made a voluntary decision to go down that path.
  • There are multiple references to an estimate of an IPSA costing $250,000 – $350,000 and taking six months.  This estimate appears to reflect the original proposed rule rather than the IPSA objectives and scope of the final rule and the subsequent guidance.  During the proposed rule phase, little guidance was available on the IPSA and the auditing community anticipated full supply chain audits, or audits that confirmed product determinations. The final rule made it abundantly clear that the actual IPSA objectives/scope are far narrower.  

If you think you are spending more than is necessary for your conflict minerals program, give us a call.  We can probably find ways to reduce your effort and costs.

BREAKING: Acting SEC Chair Opens Conflict Minerals Guidance, Rule for Public Comment

UPDATE February 2, 2017:  We have confirmed with SEC Staff that the request for comment does indeed extend to the entire rule, not just the 2014 Guidance.

Acting SEC Chairman Michael Piwowar issued a statement this evening concerning the conflict minerals rule and the April 29, 2014 Guidance from the Commission making the use of specific determination wording voluntary, and thus the Independent Private Sector Audit.  Piwowar is “directing the [SEC] staff to consider whether the 2014 guidance is still appropriate and whether any additional relief is appropriate in the interim.”  The statement includes a 45-day public comment period on the matter.

Although there is ambiguity in this statement that we hope to get clarity on soon, it appears that the statement may only relate to the 2014 guidance and not the rule as a whole.  In addition, it also appears that the outcome of the SEC’s action in relation to Piwowar’s statement applies to filings covering calendar year 2017 and therefore may not impact activities currently underway by issuers preparing for their CY2016 filings.

Updates and additional information will be provided during our webinar to be held Thursday, February 2.  Sponsored by TheCorporateCounsel.net, other panelists include Michael Littenberg, Christine Robinson and Dave Lynn.

You May Be Using Unauthorized Information from CFSI

CFSI recently added a Vendor Member category for service providers, which we think is a positive development and provides significant benefit.  However, there are limits to who is allowed to use the CFSI information/data and it is possible that the data is leaking beyond these limits.

CFSI provided this in response to a recent inquiry from Elm on the matter:

Along with CFSI Company Members, Vendor Members have access to member-only tools and resources. Pursuant to the non-disclosure agreement (AECI) between the EICC and each CFSI member, CFSI vendor members cannot disclose, publish or disseminate CFSI’s information to non-CFSI members and CFSI vendor members agree to use CFSI’s data for the benefit of the CFSI. CFSI vendor members cannot share CFSI data with clients that are not CFSI-members or use CFSI data to provide services to non-CFSI members.

We don’t believe Vendor Members would intentionally disseminate CFSI data in an unauthorized manner, but errors can occur.  Elm thinks it is appropriate for non-CFSI members to explore the source(s) of the country of origin data they use and report to ensure they are not using CFSI data inappropriately.

If you have any questions, contact Leah Butler at the CFSI at lbutler@EICCOALITION.org

You Are What Your Suppliers Do: Supplier Actions Make Headlines, Break Business

With companies facing increasing pressure for the actions of every part of their supply chain, demand for – and reliance on – supplier/corporate social responsibility (CSR) audits conducted by third parties has grown rapidly.

Shirts, Phones, Rocks and Shrimp

But there is concern about the quality, reliability and credibility of these audits.

CSR Auditing and Toilet Paper

Is Social Auditing Really Auditing?

Harvard Professor Identifies Factors for Meaningful CSR and Supply Chain Audits

You Don’t Know What Your Suppliers Are Hiding

Companies rely on their CSR audit firm to utilize qualified auditors, employ adequate QA/QC processes and expend adequate time to conduct a reasonable audit. Yet there are no generally-accepted professional CSR audit practitioner standards. Moreover, due to cost pressures, lowest cost audit providers are frequently selected that may not have appropriate auditing skills or training – the largest CSR audit firms conduct tens of thousands of these audits each year. Increasing audit time and costs to improve quality or credibility is typically not realistic – the business model is inherently high-volume, low margin.

Are these audits effective at findings supplier actions that create risks for you? Can a company gain confidence in their CSR audits without adding costs? Is a change in auditors necessary?

Improve Credibility for Disclosures, Media and Customers

Changing audit firms is not necessary, nor is another layer of auditing. Instead, a formalized auditor training program can be a low cost yet effective solution.

The Elm Consulting Group International is expanding our well-proven auditor training program to companies who use CSR/supply chain auditors. The intent of this program is for brands to provide detailed communication and training to their current CSR/supply chain auditors about the company’s requirements for auditor competence, audit quality and processes in order to enhance the credibility of audit information.

Our formalized training for existing CSR auditors builds their client’s confidence in the quality of the work provided. The program is not intended to provide training on specific audit topics such as child labor or worker rights. Instead, the focus is on proven audit techniques such as:

  • Understanding and applying professional skepticism
  • Interviewing and active listening
  • Identifying and responding to non-verbal cues within multi-cultural contexts
  • Evidence sampling methodologies
  • Using information from different sources
  • Verification and recomputation techniques
  • Judging audit evidence quality and limitations
  • Fraud detection
  • Using working papers and audit protocols
  • Writing effective and complete audit findings
  • Audit quality expectations, requirements and processes
  • Maintaining auditor independence, including auditor rotation

Our Qualifications as The Leader in Auditor Training

Our HSE auditor training experience began in the 1980s and we have successfully trained hundreds of external and internal auditors. Elm Principals hold auditor certifications from the US Board of Environmental, Health and Safety Auditor Certification (BEAC, now wholly merged into the Institute of Internal Auditors) and UK Institute of Environmental Management & Assessment, are approved trainers for the IIA EHS auditor certification program and are subject to annual continuing education requirements ourselves. Further, Elm Principals have served in various Board positions in The Auditing Roundtable (merged into the IIA in 2016) and BEAC, including the current BEAC Chair.  More information about our internal audit quality and auditor competence standards is available here.

Give us a call at 678-200-3424 or contact us via email to discuss how we can help you increase confidence in your CSR audits.

Dr. Seuss Essay on Auditing Updated

In the early 1970s, buried in one of his books, Dr Seuss penned a little known essay on auditing. For those not familiar with it, the full text follows:

Oh, the jobs people work at!


Out west near Hawtch-Hawtch
 there’s a Hawtch-Hawtcher Bee-Watcher. His job is to watch…
is to keep both his eyes on the lazy town bee. A bee that is watched will work harder, you see.

Well… he watched and he watched. But, in spite of his watch, 
that bee didn’t work any harder. Not mawtch.

So then somebody said,
“Our old bee-watching man
just isn’t bee-watching as hard as he can. 
He ought to be watched by another Hawtch-Hawtcher!
 The thing that we need
is a Bee-Watcher-Watcher!”

 The Bee-Watcher-Watcher watched the Bee-Watcher.
 He didn’t watch well. So another Hawtch-Hawtcher
had to come in as a Watch-Watcher-Watcher!


And today all the Hawtchers who live in Hawtch-Hawtch are watching on Watch-Watcher-Watchering-Watch,
Watch-Watching the Watcher who’s watching that bee.


You’re not a Hawtch-Watcher. You’re lucky, you see!”

Words of wisdom from an unlikely source.  And for a little amusement, Elm takes Seuss a little further.

We decided to try our own hand at rhyme
And update the story to these current times.

Auditors watch the things clients do
And also suppliers when they’re in scope too.
They see if the list of everything bought
Was made in conditions just like it was thought
Or from those hoping they’re not getting caught.

The Hawtch-Hawtch bee watcher failed as you know
Since audits alone don’t work, we shall show.
What can we learn from those watching the bee?
I see two things – well, actually three.

The bee – when watched – was supposed to work more
But that’s not what bee itself had in store.
Instead what it did was kept right on doing
Not a thing – the watcher was just cud-chewing.
The town of Hawtch-Hawtch thought things would be fine
As long as an auditor watched all the time.

That, my dear friends, is flaw number 1 –
Audits alone are but one part of the fun,
After the watching, there’s more to be done.

The next wrong expectation in this story I find
Is the scope of the watching is not well defined.
What does it mean to “Watch as hard as you can?”
The watchers weren’t sure – down to the last man.
Had they been told, they could do the job well
And not let past problems fester and swell.

Today, what of CSR, governance and sustainability?
The words are unclear – I think they’re meant to be.
No clarity was given those Hawtch Hawtch bee watchers
So they all failed, got sore feet and bad postures.

And now, my beloved, we’re at flaw number three
Which is simply bad audit and auditor quality.
Bad bee watching – at least supposedly so –
Made the line of watch-watchers grow – grow – grow
That perpetuated the flaws that all went before
Meaning Hawtch-Hawtch kept getting more, more and MORE
Of the same watch watchers already there
Who did nothing more than stare, stare and stare
At the same old thing day after day,
Focused on billable hours, bonus and pay.

Most of them ranked low and were unqualified
To be a watch watcher – they weren’t certified.
Maybe because that would cost a bit more
Than the ineffective work that had been done before.
But Hawtch-Hawtch didn’t care to look into this
Not concerned with things that were possibly missed.

Now Hawtch-Hatwch is not a maker of stuff
That uses slave labor and treats their folks rough
And whose business will shrink when good auditors see
What unscrupulous companies do with glee.

In sum, Seuss told us of things one through three
These things – for auditing – are important and key.
But, I say friend, don’t take it from me
Go back and look that old Hawtch-Hawtch bee.

CSR Auditing and Toilet Paper

In the 1990s I worked for a large paper company and one of the products we made was a name brand toilet paper. As TP goes, this was nice stuff – 2 ply, thick and soft. We marveled that the product didn’t sell well in markets dominated by products that were thin, had holes and fell apart too easily. It baffled us that so many people didn’t care about what ends up on their hands.

Today there is a surprising demand for third party environmental/safety/social/supply chain audits that are equivalent to cheap TP – thin, single “ply” (i.e., one dimensional) and full of holes.   Yet even in the midst of so much reliance on audits, very few buyers of these audit services seem to be concerned. Its not only us that sees this – a fascinating article published earlier this week called out Amazon, The Children’s Place, Gap, Hanes, J-Crew, JC Penny, Kohl’s, Macy’s, Nike, Pink, Polo, Target, Walmart and Zara for “ineffective … CSR monitoring, corporate codes of conduct and industry ‘social audits’ … in protecting the rights, health and safety of millions of workers in global supply chains.”  This, after a decade of CSR audits, is the author’s conclusion.

The article goes on to discuss related failures and inconsistencies in certifications and audit scopes. Our own experiences support this – all too frequently we have seen companies pursuing various certifications solely in order to have a certificate to frame and hang in their lobby. One unfortunately memorable experience came a week after a client had completed their ISO14001 recertification audit. The ISO auditor passed the site with flying colors and was highly complimentary of their program. However, our compliance audit found – with little effort – criminal environmental violations that resulted in the site environmental manager losing his job and one of the few instances where self-disclosure to EPA was warranted without question. This isn’t necessarily a problem with the standards themselves – the problem rests completely with the auditors responsible for assessing the sites.

This criticism shouldn’t be a surprise to anyone who is familiar with current CSR audits and auditors. Certainly there are excellent and conscientious practitioners in the field, but the pricing model of these audits tends to support minimalism all the way around. In a recent article on this topic, we stated our belief that the pricing of CSR audits is directly in response to severe operating cost pressures placed on the manufacturers by the brands. But that circles back to consumer buying preferences as we pointed out six years ago. If attributes other than price and product performance were truly key buying criteria, then the entire economic ecosystem (eco-ecosystem??) would be different.

We do not offer typical CSR/supplier audits because we flatly refuse to compromise our professionalism in order to be cost competitive in this market. Our respect for clients and concern for the risks they face exceeds our desire to compete for revenue from these services in the current market. But, as evidenced by what the article states is an $80B year CSR industry, many people are okay with using cheap toilet paper and don’t seem to care what will end up on their hands.

A few key things you should do to help prevent continuing CSR audit failures:

  • Ensure the audit scope matches the auditor(s)’ backgrounds.  For example, after Raina Plaza, CSR auditors have been increasingly asked to provide information on structural engineering and local electrical code compliance.  These matters require specific technical knowledge beyond that of a typical CSR auditor.
  • Explore the auditor(s) professional qualifications. Do they hold a relevant third-party certification?  How much continuing education do they require on an annual basis?  What fraud detection training have they had?  What are the audit firm process for ensuring independence of the individual auditors, not just the firm as a whole?  Auditors should consider themselves professionals and hold themselves accountable to appropriate standards for qualifications.  If they don’t, that speaks volumes about their attitude toward their work.
  • Test the auditor(s) technical knowledge beyond their checklist.  Does the auditor understand the applicable requirements beyond what is written in the audit checklist or protocol?  There are few times when reality matches the criteria on paper.  You want a professional who is prepared to apply knowledge and expertise objectively and pragmatically, not just check boxes on paper or a screen.
  • Find out how much time the auditor(s) spend onsite, and on each audit activity.  Generally speaking, one day (or less) total on-site is too little for any credible audit scope.  The auditor should reasonably balance their time between document reviews, interviews and visual observations.  If you don’t feel there is adequate time spent or balance in the activities, make your auditor change their practices.
  • Observe – or get feedback on – the auditors’ bedside manner.  An auditor’s attitude and non-verbal cues have a significant impact on the amount and quality of information they are able to gather from the audited entity, and how that entity responds to the audit and corrective actions.  Interviews conducted by the auditor should be non-threatening.  Using active listening techniques without sounding condescending or like a robot is an art form not easily mastered.
  • Look at audit report findings and the cited evidence.  Are findings based solely on interviews?  While this can be acceptable in some settings/situations, information from interviews should be corroborated with another type of audit evidence such as documentation, recomputation or direct visual observations.  If findings are not based on objective and repeatable evidence, make your auditor change their practices.  Issues based on interviews alone should be brought forward in a mechanism outside the audit report as those don’t meet the requirement for a formal finding.
  • Determine how audit reports are peer reviewed – or are they peer reviewed at all?  Does the review require the auditors’ original notes so the reviewer can confirm that the audit evidence supports the findings?  All audit reports should go through a formal internal quality check.
  • Don’t get swayed by broad company or program certifications such as ISO.  While these certifications can be an indicator of internal process formalization, understanding the reality of auditor performance in your specific need is far more important.
  • When considering an auditor, call client references and discuss their experiences, both positive and negative.  Obviously, references are specifically selected to present a positive image.  Expressly ask the reference to offer comments about matters or situations that are not so positive.

CY2016 Conflict Minerals Reports: Ready… Set… IPSA!!

How many conflict minerals IPSAs will be conducted for the CY2016 SEC filings given that nothing has changed from last year (or the year before) concerning the IPSA trigger?  Certainly you recall the April 29, 2014 Statement from the SEC’s Keith Higgins (who today announced that he will depart the SEC next month) clarifying that, until further specific action by the SEC, an IPSA is required only when an issuer voluntarily chooses to use the wording “DRC Conflict Free” when describing their products.

There has been no further action on the matter from the SEC.  Yet more companies are already asking us for proposals to conduct an IPSA even where the company doesn’t plan on making a “DRC Conflict Free” determination.  Such an IPSA could do more than meet the SEC audit objectives.  As a voluntary and perhaps “unofficial” audit, the scope can be more flexible and address substantive issues concerning program effectiveness and conformance to the OECD Due Diligence Guide or SEC requirements, helping the company to answer important questions about the quality and robustness of their due diligence program.  This kind of IPSA would provide much more value especially as due diligence programs are rapidly expanding beyond 3TG and the DRC.

It is worth serious consideration.

Another approach was very popular last year – our auditability reviews.  This gives clients a detailed understanding of how an IPSA auditor will likely interpret CMR language and approach an official IPSA.  We have identified much unintended – or unexpected – broadening of the IPSA scope and cost for clients and provided detailed insight as to how an auditor is likely to apply sampling and audit evidence elements of the Performance Audit standards to draft CMR language.  Our IPSA auditability reviews are a low cost, low risk alternative to a mock audit.

And what of those 12 companies called out by name in the Development International report as not filing an IPSA even though they classified at least one product as “DRC Conflict Free”?  We will see.

DRC Conflict Free Mining – Now on Sale!

It seems we have spent more time than ever before “swimming upstream”.  But not in a negative way.

It started in May when we participated in the OECD Forum in Paris.  Then, in the last month, we attended the CFSI Conference in California and chaired a conference in Berlin on conflict minerals and responsible sourcing.  The CFSI conference this year focused more on upstream initiatives and developments than in the past, and the Berlin meeting was wide-ranging, including practical information on upstream initiatives.

We typically serve downstream industries and clients, and are not as aware as we should be about the goings-on upstream.  This year has been quite valuable in that regard.  The most obvious theme: in-region initiatives are showing potential, but are significantly constrained by a lack of funding.  But there are also few opportunities for downstream companies to contribute – and most of those opportunities have price tags that are difficult to justify internally.

As a result, Elm is currently evaluating solutions to this need that would allow any company or organization a way of providing direct financial support with contribution levels beginning at US$500.  Our three goals are:

  • Provide a low cost option for companies to directly finance valid and confirmed upstream initiatives in the DRC and Covered Countries.
  • Create a mechanism with no overhead charges/expenses.  Elm will not take any fees out of the contributions except those required for bank charges and if necessary – legal fees.  We hope to be able to send at least 90% of every contribution to the region.
  • Allow another way for SEC filers to expand their due diligence activities and related descriptions in their Conflict Minerals Report.

But in order to better quantify interest, solidify appropriate options and establish the mechanism(s), we are seeking expressions of interest.  At the present time, we expect the contribution range to start at US$500 with no upper limit.

If you are interested, please email us directly or via the “Contact Us” function of our website, and indicate the contribution amount you are willing to provide.  We are not asking for funds now, nor are we step up to receive them – this is simply a request for expressions of interest.  The plan is to have the solution in place no later than the end of January 2017, with the first disbursement made after a critical funding amount has been achieved.

We look forward to hearing from you and will post periodic updates.