Developing Product Safety Compliance and Testing ... · © 2014 MetricStream, Inc. All Rights...

© 2014 MetricStream, Inc. All Rights Reserved.

Developing Product Safety Compliance and Testing Management Programs

Sonal SinhaAssociate Vice President Industry SolutionsMetricStream

Manu GopeendranAssociate Director MarketingMetricStream


Federal Regulations

• Federal Trade Commission (FTC)

– Care labeling, fiber content labeling, environmental labeling, country of origin labeling, advertising etc.

• Consumer Product Safety Commission (CPSC)

– Children’s products, hazardous substances, Flammability

– Drawstring safety and Tracking label requirements

• Environmental Protection Agency (EPA)

– FIFRA, Toxic Substances Control Act (TSCA)

• Customs and Border Protection (CBP)

– Country of origin for most imported products

• U.S. Department of Agriculture (USDA)

– Organic claims


Company Year Fine Program Allegation(s)

Family Dollar 2013 $602,438.00 FIFRA Misbranded Pesticide

Wal-Mart 2013 $110,700,750 RCRA, CWA, FIFRA, Criminal Fines, State law

Hazardous Waste Management, Distribution of Misbranded Pesticides, HW Disposal Down Drains, etc.

Home Depot 2013 $8,000,000.00 CAA High levels of VOC (coatings +)

Walgreens 2012 $16,600,000.00 RCRA, Customer Records

Hazardous Waste Disposal, Mismanagement of Customer Records

Costco 2012 $3,600,000.00 RCRA Hazardous Waste Disposal

CVS Pharmacy 2012 $13,750,000.00 RCRA Hazardous Waste Disposal

Home Depot 2011 $30,000,000.00 CAA High levels of VOC (coatings +)

EPA Regulations & Violations


Consumer Product Safety Improvement Act

� Mandatory Third- Party Testing and Certification for Children’s Products (CPC)

� Requires well-defined testing strategy

� Sampling and Testing Plans, Testing Intervals

� Procedures for periodic testing and retesting due to material changes

� Policies and training to avoiding undue influence over testing labs

� Recordkeeping and documentation

� Corrective Actions

� Product specification management

� Restrictions on specific chemicals

� Certification of Non-children’s products (GCC)

� Regular updates, amendments and changes from CPSC


CPSC Port Surveillance – Exponential Increase in # of Units Stopped


Toxic Substances Control Act (TSCA)

� Lack of updates and effectiveness of federal oversight resulted in creation of state chemical laws

� 18 states have passed 71 chemical laws since 2003

� Pending major overhaul of TSCA (Chemical Safety Improvement Act) could impose significant new burdens

� Mainly applicable for manufacturers of chemicals and mixtures, processors as well as importers

� Current list has 84,000 chemicals of which only 5 of them have restrictions

� Requires reporting, recordkeeping, and testing of chemical substances and mixtures

� Restrictions on manufacturing, processing, distribution, or disposal of certain substances

� May require testing if chemicals present unreasonable risk of injury to health or the environment and there is insufficient data to determine its effects


California Proposition 65 (Prop 65)

� Currently has 800 chemicals in the list and its updated yearly

� Once a chemical is listed, businesses have 12 months to comply with warning requirements

� Requires warning label on products / posters in workplace, leaflet distribution

� Prohibits businesses from

� Knowingly discharging listed substances into drinking water sources

� Land where the substances can pass into drinking water sources

� Potential reform of Prop 65


California Safer Consumer Products Regulation

• Created/Enforced by California Dept. of Toxic Substances Control (DTSC)

• Applicable from Oct 1, 2013 and relevant for Manufacturers, Retailers, Assemblers and Importers that sell consumer products in CA

• Current Status

– List of candidate chemicals (CC) already available

– Already proposed 3 Priority products

• Upcoming

– DTSC will classify candidate chemicals associated with priority products as chemicals of concern (CoC)

– Final list of priority products (PP) in 2015


Sample Candidate Chemical List & Product Categories

• Nonylphenol ethoxylates

• Per and poly-flurinated (PFOAs)

• Metals

– Nickel, Lead, Cadmium

• AZO Dyes

• Phthalates

• Solvents

• Toys

• Apparel & Leather

• Footwear

• Cook wear

• Electronic products

• Water & Stain Resistant Coatings

• Automotive Components

• Waxes

• Paints

• Personal-care products

• Medical devices

Candidate Chemicals Product Categories


Steps / Actions Required After DTSC Finalizes Priority Products

• Notify DTSC with details of PPs that they sell and the course of action decided

– Cease sale / production of products

– Remove / Replace chemical of concern (CoC) from products

– Prove that products contains less than threshold amount of CoC and has quality controls in place

– Perform alternatives analysis, identify alternatives and propose implementation plan

• Actions required based on DTSC response

– Change existing / additional labels to warn consumers on chemicals

– Cease sale / production of products

– Restrict usage of chemicals

– Implement safety measures or end-of-life management plans

– Additional commitments to make products safe


Other State Regulations

• Washington Children’s Safe Product Act

– Currently include list of 66 chemicals

– Manufacturers of children’s products containing Chemicals of High Concern to Children (CHCC) must annually report

• Maine Toxic Chemicals in Children’s Product Law

– Currently include list of 49 chemicals

– Requires reports and notifications on the use of chemicals

• Vermont

– Identify and publish list of chemicals by July 2015

– Requires notification and replacement of chemicals


And the List Continues

• Connecticut: An Act Concerning Child Safe Products

• Illinois: Toxic Chemical Safety Act

• Minnesota: Children’s Health Protection from Toxic Chemicals in Products

• New York: An Act to Amend the Environmental Conservation Law, in Relation to Regulation of Toxic Chemicals in Children’s Products

• Oregon: A Bill Relating to Chemicals in Children’s Products


Increasing Testing Programs and Mandates from Retailers

• Changing testing protocols

• Going beyond legal requirements and actively enforcing testing for all products / SKUs

• Increasing testing requirements for certain product/shipment types

• Testing and inspections required for even legacy existing products


NGO and Social Media Impact


Proactive Approaches to Ensure Compliance

Enforce policies & controls across supply chain

Improve visibility and traceability in the supply chain

Centrally manage multiple compliance programs

Develop and implement a comprehensive testing strategy

Identify potential risks and implement risk mitigation plans

Quality Assurance and Control programs to ensure effectiveness

Record retention programs to ensure all required documents are in place



• Enforce Policies & Controls across Supply Chain

– Product specifications, quality controls in the supply chain

– Communicate requirements to suppliers

– Supplier certifications to ensure hazardous chemicals are not in the products

– Training and capacity building programs to educate suppliers

• Improve visibility & traceability in the supply chain

– Which factories are producing

– List of retailers carrying them

– Detailed product specification

– Differentiate by design / manufacturing / contract manufacturing ownership

– Chemicals, Hazardous / Restricted substance lists

– Source of Raw-Materials and Ingredients

– Material change impact



• Compliance Management

– Centrally manage multiple compliance regulations, retailer / brand requirements by products, product categories and locations

– Link products, chemicals to regulations and compliance requirements

– Develop and implement controls to ensure compliance

– Harmonize controls to avoid duplication of effort

– Provide policies, compliance training to employees, and means to report concerns

– Regulatory Intelligence to manage changes to compliance requirements

• Testing Strategy

– Risk-based testing for high risk chemicals

– Collaborate with suppliers and third-party labs on testing and certifications

– Centrally manage testing requirements, plans, protocols, schedules etc.

– Sampling strategy

– Production testing, Periodic and Random Testing

– Remediation action plans for test failures



• Risk Management

– Suppliers, products, components, chemicals and materials etc.

– Risk identification, analysis, assessment and mitigation

– Assess impact and likelihood for various risk types and categories

– Leverage risk metrics to prioritize programs and tasks

• Quality Assurance & Control programs

– Assessments of suppliers, manufacturing facilities, production, processing, transportation, storing processes etc.

– Final & In-line Inspections

– Leverage both external and internal auditors

• Record Retention / Documentation

– Bill of materials, Product specification Supplier Declaration, Test results, Material changes, Certifications etc.


Quality Management & EU Product Safety – Leading French Retailer

• Ensure compliance with upcoming 2015 EU product safety compliance requirements

• Automate, and integrate End-to-End quality assurance

– Inspection Management

– Quality Audit Management

– Product Risk Management

– Product Testing

– Product & Supplier Non-conformance

– Investigations and root cause analysis

– Preventive actions, and curative actions including product blocking, and recall management


Creation

&

Design

Development

Testing

Materials

&

Specifications

Production Testing

Distribution / Retail

Disposal

Integrate Safety Compliance into Product Lifecycle

• General requirements• Regulatory requirements• Standards & certifications

• Test plans and requirements

• Packaging & labeling requirements

• Product Integrity• Raw materials,

specifications, RSLs

• Tracking / traceability

• Process controls• Audits & certification• Issue & CAPA

• Sustainability• Recycling

• Customer Complaints & Claims

• Product Recalls


Supplier Information

Management

Policy Communication

Third-party Due-

Diligence

Collaborate with other Supplier Assurance Programs

CSR Policies

Supplier Surveys and Self-Assessments

Supplier & Factory Audits

Compliance Monitoring

NCM & Corrective Actions

Capacity Building Programs

CSR Policies

Supplier Surveys and Self-Assessments


Compliance Monitoring

NCM & Corrective Actions

Capacity Building Programs

Supplier EHS policies

Raw Material Sourcing

Environment Responsibility Audits

Fire & Building Safety Audits

Waste Generation, storage and disposal

Energy Use, Transport, GHG Emissions

Supplier EHS policies

Raw Material Sourcing

Environment Responsibility Audits

Fire & Building Safety Audits

Waste Generation, storage and disposal

Energy Use, Transport, GHG Emissions

Product Information

Quality & Safety Standards

Risk Analysis & Hazard Reduction

Quality & Production Capacity Audit

Product Compliance

Product Testing

NCM & Corrective Action

Product Information

Quality & Safety Standards

Risk Analysis & Hazard Reduction

Quality & Production Capacity Audit

Product Compliance

Product Testing

NCM & Corrective Action

Supplier Governance

Supply Chain Structure

Security Policies

Record Retention & Evidence

Risk Assessments & Analysis

Self-Assessments & Internal Audits


Inspections

Supply Chain Structure

Security Policies

Record Retention & Evidence

Risk Assessments & Analysis

Self-Assessments & Internal Audits


Inspections

Supplier On-

Boarding

Supplier On-

Boarding


Automating Supply Chain Governance

Optimizing the efficiency and agility of a supply chain governance program

“I’ve gotten really good

feedback from the

business units and teams

that are using the

system. They like having

something that they

know is going to work.

They like knowing that

they’re not going to get

20 different emails. It’s

really easy from my

standpoint too. When I

log onto the system, I

can see what projects

people are working on,

where we’re at, what’s

overdue…it just makes

life easier.”

Susan Van Houten -Senior Director of Global Sourcing at HD Supply


Maturity of the Product Quality & Safety Compliance Program

Reactive

Integrated

Proactive

Maturity of the Product Quality & Safety Compliance Program

Str

ate

gic

Effectiveness

Basic

Supplier dependent; Relies on Tier 1 suppliers for all relevant information, lack of effective product documentation

Multiple programs and fragmented approach; Safety & quality policies, processes in place to address after adverse events

Integrated approach to quality and safety programs; Centralized and collaborative approach with suppliers

Embedding culture of quality and safety; management commitment, risk-based approach


Integrated GRC & Quality Management

• Automate, and integrate multiple governance, risk, compliance and audit management programs

– Quality & Safety Compliance

– Supplier Governance, Risk and Compliance

– Legal, Corporate & Regulatory Compliance

– Enterprise Risk Management

– Internal Audit

– IT GRC


Technology Strategy for Product Safety Compliance and Testing Management Programs


Automate and Integrate Relevant Programs

Product Compliance

Information Management

Policy & Compliance

Risk Management

Testing Management

Validation Management

NCM & CAPA


• Risk 1

• Risk 2

• Risk 3

………

Risks

• Control 1

• Control 2

• Control 3

………

Controls

• Standard 1

• Standard 2

• Standard 3

………

Functions

• Materials

• Specifications

• RSLs

………

Product Information

• Test Plan

• Survey

• Self-Assessment………

Tests

• Risk-Based

• Requirement-Based

• Business Unit-Based

Assessment

• Action Plan

• Implement

• Monitor

Issues

• GPSD

• CPSIA

• CA Prop 65

• CCPA

• …

Area ofCompliance

• Assertion 1

• Assertion 2

Assertions

• Procedure 1

• Document 1

• Work Instruction 1………

Policies/Documents

Leverage Robust and Flexible Information Model


Automation to Enhance Collaboration

• Alerts and notifications for regular communication to stake holders

• Collaboration between suppliers and third-party testing labs

• Supplier surveys to gather information

• Automate and manage Product Testing, certification etc.

• Collaborate with suppliers to remove / replace candidate chemicals

• Manage non-conformance & corrective actions

• Capacity Building & Training Programs

Organization

Testing LabsSuppliers


Supplier Information & Product Specification Management

• Capture and map relevant product information from supply chain

• Include components, raw-materials, specifications, chemicals, thresholds etc.

• Automate material change process

• Facilitate supplier declaration through supplier surveys

• Leverage BOM, MSDS etc.

• Manage supplier and sub-supplier information, labs, third-party auditors

• Manage relationships between supplier, product, material, attribute and compliance

• Enable traceability and visibility across the supply chain

Product

Compliance Regulation

Raw-Materials

Chemicals SupplierCountry of

Origin


Policies for Effective Compliance

• Create, communicate and manage policies, controls & expectations

– Product safety

– Compliance

– Testing

– Quality

• Update procurement and supplier policies to facilitate compliance

• Harmonize & Map policies to multiple compliance requirements

• Regular training & capacity building programs on regulations

• Collaborate with suppliers on policy exceptions and potential risks

• Leverage supplier surveys & assessments to ensure compliance

Create & Organize Policies

Capacity Building -Awareness and Training

Tracking and Visibility

Map Policies to Standards

& Compliance Requirements

Policy Exception

Management

Supplier Surveys & Assessments


Centrally Manage Multiple Compliance Requirements

• Create centralized compliance library

– CPSIA, TSCA, Toy Directive,, WA, Maine, CA Prop 65

• Map Standards & Requirements to Products

• Leverage regulatory intelligence

– Identify new requirements

– updates on existing requirements

• Facilitate compliance assessments through surveys and audits

• Store and manage certifications

• Monitor and track compliance violations, progress of corrective and preventive actions


Case Study: Fortune 500 Retail Chain

• Streamlining and integrating compliance programs across BUs and functions

• Integrated framework to streamline compliance with HR policies and procedures, training and certification requirements, privacy policies, diversity affairs, legal requirements, risk management, internal audit, IT security and SOX

• Selected MetricStream for its flexible and extensible data model and reporting capabilities that are designed to support multiple regulatory requirements in an integrated manner


Product Testing Management

Product & Chemical Management

Test Requests &

Data Gathering

Product Testing Statius

Test Planning &

Management

Compliance Certification

Management

Test Failures &

CAPA Management


Product Risk Assessment & Management

• Supplier & Product Risk Assessment & Management

• Identify and manage risks in central library

– Design hazard risk analysis

– Failure mode analysis for both design and production

• Regular risk assessments on products and suppliers

• Facilitate Risk-based audits, tests

• Create and manage controls & procedures including risk mitigation plans


Product Safety & Compliance Audits

Audit Scoping

Executive Program Management

Planning & Scheduling

Audit Execution

Audit Review & Completion

Final Audit Report

Audit Remediation


Product Non-Conformance & Corrective Action Management

• Capture non-conformance from all program elements

– policy non-conformance

– Test failures

– risk assessments

– safety audits

– Customer complaints

• Collaborate with supplier and internal teams to develop and implement corrective actions

– Product Recall

• Track and Monitor implementation to closure


Monitor & Track Program Performance


Leading Retail Chain in South Africa

• Optimize and automate supplier information, inspection and audit management processes

• Integrated solution for auditing and reporting across stores, supplier manufacturing plants, warehouses and farms

• Facilitated collaboration with third-party auditors and suppliers.

• Suppliers can access any policy documents, templates, design artworks

• Allows suppliers to upload their certificates and customer complaints which in-turn can be accessed and reviewed by internal compliance team


MetricStream Corporate Overview

Integrated Governance, Risk & Compliance (GRC) for

Risk-Driven Intelligence and Better Business PerformanceVision

Solutions

Partners

Differentiators

• Technology - Enterprise GRC Platform – 9 Patents • Breadth of Solutions – Single Vendor for all GRC needs• Cross-industry Best Practices and Domain Knowledge• ComplianceOnline.com - Largest Compliance Portal on the Web

RecognitionLeader in Gartner GRC Magic Quadrant: 2008 to present

Leader in Forrester GRC Wave

• Store Audit & Loss Prevention

• Supply Chain Security Management

• Compliance Management

• Audit Management

• Policy & Document Management

• Supplier Governance, Risk & Compliance

• Social Compliance & Factory Audits

• Product Quality & Safety Compliance

• Risk Management

• EHS & Sustainability


Thank YouSonal SinhaAssociate Vice President Industry [email protected]

Manu GopeendranAssociate Director [email protected]

Developing Product Safety Compliance and Testing ... · © 2014 MetricStream, Inc. All Rights...

Documents

Transcript of Developing Product Safety Compliance and Testing ... · © 2014 MetricStream, Inc. All Rights...