A Regulatory Compliance Primer

From eSourcingWiki
Jump to: navigation, search
A Regulatory Compliance Primer



There is an ever dizzying away of acts and directives that a supply management professional needs to be aware of when sourcing globally these days. This mini-wiki is designed to cover some of the more commonly encountered acts and directives a sourcing professional is likely to encounter when trading in the Americas, Europe, India, China, and the rest of the world.

In addition to the attention grabbing Sarbanes-Oxley Act (SOX), especially section 404 on the management assessment of internal controls, there is the Hazardous Materials Safety (HAZMAT) in the US, the European Union (EU) Restriction Of the use of certain Hazardous Substances in electrical and electronic equipment (RoHS), the forthcoming RoHS equivalent in China and other Asian countries, and the European Commission (EC) Directive on Waste Electrical and Electronic Equipment (WEEE); there's also the EC Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH), the EC End of Life Vehicles (ELV), and the EU Cosmetics Directive; and there's the Kyoto Protocol / Clean Air Act, EU Electromagnetic Compatibility Directive (EMC), and the Electronic Industry Code of Conduct (EICC).

The Americas

The most important regulatory compliance act in the Americas these days is arguably the Sarbanes-Oxley act which is still causing quite a fuss five years after its introduction, as foreign companies continue to de-list from American Stock Exchanges to try and avoid the reporting requirements that they find to be unduly imposing and costly. Other important acts are the HAZMAT act and the TREAD act (covered in the Customs and Security wiki).

Sarbanes-Oxley Act

The Sarbanes-Oxley Act (SOX) of 2002, also known as the Public Company Accounting Reform and Investor Protection Act of 2002, which established a new quasi-public agency (the Public Company Accounting Oversight Board, or PCAOB) was drafted and passed in response to a number of major corporate accounting scandals (including Enron, Tyco International, Peregrine Systems, and WorldCom) in an effort to restore public trust in accounting and reporting practices.

The Sarbanes-Oxley Act contains a number of major provisions that address the disclosure of internal controls at public companies, the certification of financial reports, auditor independence, personal loans to any executive officer or director, insider trading, and required disclosures. Basically, auditors must be independent, independent auditors must "attest" to the disclosure of internal controls, the chief officers must personally certify the financial reports, personal loans to executive officers or directors are banned, and insider trades are prohibited during pension fund blackout periods. Failure to comply with any of the requirements could result in enhanced cival and criminal penalties for violations of securities laws.

Hazardous Materials Safety

The handling of Hazardous Materials (HAZMAT) is extensively regulated in many countries, and the United States in particular. The US Department of Transportation (DOT) regulates its transportation in title 49 of the Code of Federal Regulations (49 CFR), the US Occupational Health and Safety (OSHA) regulates its handling in the workplace through title 29 of the Code of Federal Regulations (29 CFR), the Environmental Protection Agency (EPA) regulates these materials from a community impact perspective and regulates cleanup and disposal (primarily under 40 CFR), and the Consumer Product Safety Commission (CPSC) regulates how they may be used in products sold to consumers (mainy through 16 CFR).

There are a lot of hazardous materials recognized by regulatory agencies. The US DOT alone recognizes nine classes: explosives, compressed gases, flammable liquids, flammables, oxidizing materials, toxic materials, radioactive materials, corrosive materials, and miscellaneous dangerous goods. The United Nations Model Regulations recognizes explosives, gases, flammable liquids, flammable solids, oxidizing substances and organic peroxides, toxic and infectious substances, radioactive material, corrosive substances, and miscellaneous dangerous substances.

The European Union

While the U.S. has gone all out on security regulations to protect its borders (see the Customs and Security wiki) the EU has been chugging along regulating everything it can think of to ensure products imported into or made in the EU are safe for people and the environment. Some of the more important acts that one needs to be familiar with when trading globally are the Restriction Of Hazardous Substances (RoHS), the Waste Electrical and Electronic Equipment Directive (WEEE), the Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH), the End of Live Vehicles (ELV), the Cosmetics Directive, and the Electromagnetic Compatibility Directive (EMC).

Restriction Of Hazardous Substances

The Restriction of Hazardous Substances Directive (RoHS) was adopted by the European Union in February of 2003 and took effect on July 1, 2006. The directive restricts the use of six hazardous materials in the manufacture of various types of electonic and electrical equipment and is closely linked with the Waste Electrical and Electronic Equipment (WEEE). More specifically, RoHS, which is often referred to as the lead-free directive, restricts the use of lead, mercury, cadmium, hexavalent chromium (chromium xxx or Cr6+), polybrominated biphenyls (PBB), and polybrominated diphenyl ether (PBDE), the latter two being used as flame retardants in some plastics. It limits the maximum concentations of such materials to 1000 PPM (parts-per-million) by weight of homogenous material, which is any single substance that could (theoretically) be separated mechanically. (Note that batteries, covered under the European Commision's Battery Directive, are not included.)

However, even though the directive is confined to the European Union, it has far reaching implications. China has regulations, often referred to as China RoHS, that have similar restrictions, California has the Electronic Waste Recycling Act (EWRA) that took affect January, 2007, and South America promulgated the Act for Resource Recylcing of Electrical and Electronic Equipment on April 2, 2007. In some way, shape, or form, one can, most likely, soon expect to see RoHS variations in effect around the globe in the very near future.

Directive on Waste Electrical and Electronic Equipment

The Waste Electrical and Electronic Equipment Directive (WEEE) became law in the European Union along with the Restriction of Hazardous Substances (RoHS) in February of 2003 and took effect in August of 2004. The directive imposes the responsibility for the disposal of waste electrical and electronic equipment (WEEE) on the manufacturers of such equipment. The companies are required to establish an infrastructure for collecting WEEE in such a way that users of electrical and electronic equipment from private households should have the possibility of returning WEEE at least free of charge.

Registration, Evaluation, Authorisation and Restriction of Chemicals

The EU Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) was passed on December 18, 2006 and came into force in June, 2007 and very broadly covers the production and use of chemical substances in the European Union. It requires all chemicals of one tonne or more in volume that are manufactured in, or imported into, the European Union each year to be tested for health and safety and registered with a new central European authority - the European Chemicals Agency (ECA). It also applies to all chemicals that are considered to be of high concern to health or the environment, regardless of volume. REACH is being phased in over the next 11 years, and it's important to understand precisely when your organization will be impacted in order to be prepared.

The European Commission is supporting REACH affected business by providing, free of charge, a software application (the International Uniform ChemicaL Information Database, or IUCLID) that simplifies the capture, management, and submission of data on chemical properties and effects.

End of Life Vehicles

The European's Commission End of Life Vehicles (ELV) directive was officially adopted in September of 2000 in an effort to make vehicle dismantling and recycling more environmentally friendly and to set clear targets for the re-use, recycling, and recovery of vehicles and their components and to push producers to manufacture new vehicles with a view to their recyclability. In addition, some countries, such as the UK, have legislated very strict interpretations of the ELV and, in the UK, vehicle producers are required to have networks of facilities where the last owner of a vehicle may freely deposit the vehicle at the end of its life starting on January 1, 2007.

European Cosmetics Directive

The European Cosmetics Directive was adopted in 1976 in an effort to safeguard public health with respect to cosmetic products and to allow free movement of safe products within Europe. The most recent (substantial) amendment was passed in 1998. Under the directive, proof of safety is the responsibility of the manufacturer or its distributor in the EU, a full technical file must be available for inspection upon request, and all active ingredients require pre-approval.

Electromagnetic Compatibility Directive

The Electromagnetic Compatibility Directive (EMC) became mandatory January 1, 1996 in the European Union. Manufacturers of electrical or electronic products wishing to sell into the European Union must comply with the directive, which applies to nearly every electrical and electronic product currently in production. The act was designed to ensure that the electromagnetic disturbance generated by an apparatus does not exceed a level that will allow radio and other telecommunications equipment to operate as intended and to ensure that the apparatus has an adequate level of intrinsic immunity to electromagnetic disturbance to enable it to operate as intended.


Unlike the US and Europe, China has not yet brought in any sweeping regulatory compliance laws, although it does appear that equivalents to the European Restrictions on Hazardous Substances (RoHS) and Waste Electrical and Electronic Equipment (WEEE) are on their way. Most of the issues have to do with the federal, provincial, and local laws and the tangled web of complexity they represent, especially to an outsider. For in-depth information on China's law and justice system, as well as a number of links to China law websites, this wiki is going to refer the reader to the China Today website.


Although not as far along as China in its push to get equivalents to the European Restrictions on Hazardous Substances (RoHS) and Waste Electrical and Electronic Equipment (WEEE), India does appear to be further along in the implementation of modern Information Technology related acts. In 2000, India passed the Information Technology Act, its first cyberlaw, which also updated the India Evidence Act with appropriate sections. As with China, much of the regulatory complexity in India has to do with the federal acts and varying provincial requirements in each of India's provinces. For more detailed information on Indian law, this wiki is going to refer the reader to IndLaw.com.

India IT Act

The Information Technology Act, 2000 was India's first cyberlaw and provides various provisions that impact data or information in an electronic form. Section 4 of the act grants legal recognition to all electronic records, provided they are properly retained.

Where any law provides that information or any other matter shall be in writing or in the type written or printed form, then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied if such information or matter is :- (1) rendered or made available in an electronic form; (2) accessible so as to be usable for a subsequent reference."

Indian Evidence Act

The 2000 IT Act also amended the Evidence Act, with sections 65A and 65B that deal with evidence related to electronic records and the admissibility thereof. Such records must be properly maintained, stored, and reproduced to be admissible under the evidence act.


Globally, one of the most important regulatory treaties that one needs to be aware of is the Kyoto Protocol. After that, the relevant industry codes of conduct for your industry (such as the Electronic Industry Code of Conduct) would be quite high on the list.

Kyoto Protocol

The Kyoto Protocol to the United Nations Framework Convention on Climate Change is an amendment to the international treaty on climate change, assigning mandatory emission limitations for the reduction of greenhouse gas emissions to the signatory nations. (Wikipedia) As of December 2006, 169 countries and governmental entities have ratified the agreeement, with notable exceptions including the United States and Australia. The treaty expires in 2012, and international talks began in May 2007 on a future treaty.

Electronic Industry Code of Conduct

As per the EICC information site, the Electronics Industry Code of Conduct (EICC) identifies appropriate standards of conduct for socially responsible entities operating in the electronics industry. The EICC code was designed to provide standards-based approach for monitoring suppliers' compliance across several areas of social responsibility, including labor, health, safety, and environmental activity. The goal is to eliminate inefficiency and duplication, and make performance easier to survey, audit, and verify.


Michael G. Lamoureux, Ph.D. of Sourcing Innovation

Personal tools