SCAN Association: Leveraging

Audit Sharing Technology to

Improve EfficienciesHosted by

United States Fashion Industry Association (USFIA) and

BSI

June 21, 2017

2:00 P.M. Eastern/11:00 A.M. Pacific

Do you have a question?

During the webinar, all attendees will be assigned to listen-only mode. Please use the Questions box on your dashboard to ask a question during the webinar.

Leveraging Audit Sharing Technology to Improve Efficiencies

Presented by:

Brittney De Stefano; BSI SCAN Program Management Team

Walter Fong; Sr. Director Global Compliance, Levi Strauss

Ken McElroy; Global Trade Risk & Export Compliance Manager, The Home Depot

The Challenge:

• Our Supplier’s are claiming ‘Audit Fatigue’

• There is no industry accepted Supply Chain Security standard

• Varying Degrees of Security Compliance Requirements and inconsistent Corrective Action Plans

• Lack of collaboration and sharing of Best Practices

• Strained Company Resources for both the supplier and importer

Current Audit Model

SCAN Network

SCAN Audit Model

Many to One Approach One to Many Approach

Why SCAN?

Mission Statement: The Supplier Compliance Audit Network (SCAN) is an association of companies with global supply chains who collectively develop and manage global security audit standards to reduce audit fatigue and redundancy by way of a confidential risk management platform.

Setting the Foundation:

• Created Legal Entity as a Non-Profit organization with Bylaws and Anti-Trust

• Selected BSI as Program Manager

• Agreed upon Supply Chain Security standardized checklist & Corrective Actions

• Created Membership Application, Tier Levels, Membership Dues

• Developed Audit Repository

• Created Welcome Package for New Members

• Identified approved service providers

• Set standard day rate pricing

• Developed Supplier Introductory Letter

• Established SCAN Website www.scanassociation.com

SCAN Association History

Major Milestones:

• April 2015: Finalized Audit Checklist, Pre-Assessment, & Auditor Guidelines

• May 2015: Launched Audit Program

• June 2015: CAPA Program Initiated

• July 2016: New Board Members Elected per By-Laws

• October 2016: Most recent version of updated Audit launched

SCAN Security Criteria

• SCAN Audit Criteria is a program-agnostic approach and incorporates Minimum Security Criteria from C-TPAT, AEO, PIP

• SCAN Security Requirements are prescriptive in nature and are mainly established or evolving Best Practice countermeasures

• SCAN has expanded the security focus of an audit:• C-TPAT Importer Criteria contains ~ 79 areas of

compliance

• SCAN Criteria contains 148 assessed areas of compliance in 82 questions

• Auditors must capture key 16 components ‘evidence of implementation’ during the audit:• Multiple mandatory photographs of Building, Access

Controls, Shipping/Receiving, Seals, Security Systems

• Copies of C-TPAT Procedure for C-TPAT security categories

• Ensures audit consistency and level sets suppliers on security requirements

10

54

18

Critical Must Should

Question Weighting

Corrective and Preventative Action

• SCAN has created Corrective Action Criteria for all issues identified onsite

• CAPA’s are assigned on average within 1.5 days from Audit Completion

• BSI has Supply Chain Security experts assigning, reviewing and closing every CAPA

• Supplier has 60 days to complete CAPA and provide strong evidence of implementation

• Note: Many CAPA’s kicked back for incompleteness or noncompliance of SCAN criteria

• Every Audit, Photograph, Supporting Document, CAPA, Evidence of Implementation is maintained on the supplier for life

• If supplier is non-responsive, CAPA’s are elevated to the SCAN audit sponsor

SCAN: The Team

SCAN Board of DirectorsStandardize the SCAN Security Audit criteria and questions.

Board Chair: Kendra Riley – Senior Manager, Global Trade Services, The Home Depot

Board Vice Chair: Lisa Schulte – Director of Global Trade Services, Target

Board Treasurer: Patricia Cerisano, Global Customs Trade Compliance Manager – Husky Injection Molding

Board Secretary: Stella Bray-Conrad – Director Global Supply Chain Security, Walmart

SCAN MembersSCAN provides multiple membership types to provide importers, transportation and logistics providers, and service providers the opportunity to participate in developing the association, and streamlining their supply chain security audit management.

SCAN Program Management (BSI)Facilitates the audit assignments and acts as the conduit between auditing firms and the SCAN BOD/Members as well as processing the corrective action follow-up post-audit with the suppliers.

Auditing FirmsWork directly with the suppliers, conduct onsite SCAN Security Audits, and coordinate with the SCAN Program Management for completed audits.

Suppliers and Business PartnersAgree to the SCAN Security Audit, receive and share as appropriate respective SCAN ID#s with other companies which are SCAN Members to receive copies of the audit report and ultimately reduce the audit fatigue throughout the industry.

Executive Membership – Importers• Access to SCAN Audits• Full Voting Rights• Access to Networking Events

Associate Membership –Transportation Providers• Limited Access to SCAN Audits• Limited Voting Rights• Access to Networking Events

Affiliate Membership – Service Providers• No Access to SCAN Audits• No Voting Rights• Access to Networking Events

SCAN Committees

Membership

Strategically drive overall membership growth across a broad spectrum of industry sectors. Develop initiatives to support active engagement of the SCAN Membership.• Recruitment• Onboarding• Engagement• Retention

Audit Management

Build comprehensive audit approach driving standardization and compliance. Review and update tools as security requirements change.• Factory/ Supplier Audit• Business Partner Audit• Domestic Location Audit• Check the Checker• Follow up Audit Evaluations

Service Providers

Best in class providers administer consistent, high quality, and efficient security audit services to supplement the unique and dynamic supply chains of every SCAN member. • SCAN KPI Management• Issue Escalation• Liaison with BSI Program Manager• Service Provider Contracts & Training

Public Relations

Develop membership and prospective membership communication and marketing tools to drive education and awareness of the Association.• Establish External Partnerships• Publicity• Quarterly Association Newsletter• Membership Benchmarking

Information Technology

Enable association strategies through technology solutions. Identify development opportunities to drive efficiencies in process and membership needs.• Liaison with Technology Partner• Identify Technology Priorities• Support IT Research and

Development• IT Integration and Security

Executive

Provide governance of the Association ensuring strategic priorities align with the mission of SCAN.• Pillar Areas of Focus and

Opportunities• Association Service Offerings• Bylaws and Legal Support• Association Meetings• Succession Planning

EXECUTIVE MEMBERSHIP(TIER RATE BASED ON VOLUME OF AUDITS)

Tier 1 Membership $7,500 USD(Yearly Audit Volume of 3,000+)

Tier 2 Membership $4,000 USD(Yearly Audit Volume of 1,001 – 3,000)

Tier 3 Membership $2,500 USD(Yearly Audit Volume of 101 – 1,000)

Tier 4 Membership $1,000 USD(Yearly Audit Volume of 1 - 100)

SCAN Member Benefits:

• Reduced audit costs by leveraging audit sharing network

• Access to a globally accepted standard for supply chain security criteria

• Standardized corrective action plans for consistent supplier expectations

• Access to SCAN Audit Repository for sharing audit results

• Increased organizational efficiency allowing resources that are dedicated to current audit programs to refocus their attention on other internal priorities

SCAN Executive Membership & Benefits

7

Apply for Membership

Onboarding Identify PilotGenerate SCAN

ID’sSearch Audit Repository

View Completed Reports

Order New AuditPM Team

Assigns Audit Service Provider Schedules Audit

SP Uploads Final Report

Member Downloads

Report

PM Team Starts CAP Process

Site Addresses CAPs Online

Final CAP Report Ready for Review

Process Flow

SCAN Audit Repository

9

SCAN SCM Premium Package

SCAN SCM Premium Features:

• Instant Reporting of Client’s Completed SCAN Audits (Search and Export not necessary)

• Customizable Risk-Based Scoring Algorithms

• Dashboard of Key Analytics and Progress Updates

• Global Supplier Mapping

• Report Builder Functionality offers a variety of custom reports

All Executive Members have the option to purchase BSI’s Supplier Compliance Manager (SCM) solution at a discounted rate to help manage their supply chain security program. The SCM SCAN Premium Package offers advanced risk-analytics and live tracking of assessments to help gain visibility into your supply chain.

10

*Does not consider audits being pulled from SCAN Audit Repository directly.**Estimated $1,000 per audit.

890

310

67

13 1 1

Audits associated to more than one SCAN Member

2 SCAN Members

3 SCAN Members

4 SCAN Members

5 SCAN Members

6 SCAN Members

7 SCAN Members

Where We’re at Today

Program-to-Date

• Completed Audits 3,872

• Suppliers in SCAN Audit Repository 11,141

• Number of Identified Shared Factories1,862

• Audits Conducted in 52 Countries

Shared Audit Stats:

• 35%* of the conducted audits are shared by more than one SCAN Member

• 1,862* potential saved audits to SCAN suppliers bringing a potential cost savings of over $1.8 M** to supplier audit costs

Member Testimonials

Since joining the SCAN association we’ve realized an immediate impact to our factory audit strategy with many of our factories already audited through SCAN. Not only does this provide a significant cost savings benefit, it also allows us elevate our risk based audit approach which takes into consideration SCAN audit history/score and country risk variables established by the association. - Lisa Schulte, Director of Global Trade for Target

During our last revalidation, Customs recognized SCAN as a best practice under our security procedures. The following is what Customs included as part of our revalidation report: “JCPenney Purchasing Corp. is an active member of the Supplier Compliance/Audit Network (SCAN). Other SCAN participants include some well-known retailers such as Home Depot and Walmart. As leading industry specialists they have worked together to examine security procedures within the trade community. This collaboration led to the creation of a single agreed-upon security audit and sharing platform that would allow importers to conduct and evaluate shared C-TPAT compliant supplier and factory security audits. SCAN is highly regarded by CBP as an organization dedicated to the trade aspect of their Mission.”- Yvettee Estrada, Trade Compliance Director for JCP

Levi’s SCAN Journey

• Levi’s role in SCAN and how we’re leveraging the audit sharing platform

• Challenges Levi’s was experiencing before SCAN

• Why Levi’s joined SCAN?

• Current benefits / KPI’s achieved due to joining the SCAN program

The Home Depot A Journey with SCAN

Ken McElroy

Manager, Global Trade Risk

17

Ken McElroy BIO

• Mgr. Global Trade Risk

– Key responsibilities

• CTPAT program management

» Maintain and Build on HD Tier III status

• Oversee High Security Seal compliance and validation

• Manage Export Compliance

• Country Risk reviews and classifications

• Chair SCAN Audit Questionnaire Committee

18

CTPAT Challenges at Home Depot

• Home Depot is a Top 5 US importer

– Average 2200 FEU’s per week

– 6700 factories cycle in and out of the buying process

– All direct import factories require audit Pre PO creation

• High level of pressure to accept shared audits

• Cost containment

• Internal audit process owned SER

• Annual CTPAT Risk assessment

19

The Home Depot Story

6700 Factories Active and Seasonal

600-800 Annual audits = full time management

Supply Chain Security = “Doing the Right Thing” is a THD core value

Frequent Internal and External Pressure to accept shared audits

Audit costs are a direct impact to costs of goods sold

July 2014Led Audit

Questionnaire Standardization

Sept 2015Socialized SCAN to

THD suppliersand factories with

an enthusiastic response

Late June 2014Signed on for “1” year and joined

Board of Directors

2014 2015

May 2015

Launched 25Audits in SCAN

Pilot

July 2015Internal

socialization with

Merchants and Global

OperationsTeams

Early June 2014

Internal THD Discussions‘Low Risk

Potential for High Reward”

Oct 2015Began

scheduling“re-audits” in

SCAN

2016

Jan 2016Added

517 active factories into

SCAN

April 201630 THD

factories identified as shared with another SCAN

member

May 2016100%

of “re-audits”to be

performed in SCAN

The Home Depot’s Journey

2017

Jan 2017THD CTPAT re-audits 100% in

SCAN

June 2017THD factories 1117 Shared

16314.5%

22

Why has SCAN Succeeded?

Dedicated & Engaged Board of Directors and Membership

Shared Factory Anonymity

Each Member Determines Pass/ Fail Criteria

Affordable - Membership is based on Audits conducted or utilized

Centralized Program administration and CAPA follow up

Easy access to audit results with a search function

SCAN Benefits

>9200 factories in SCAN SCM Database 1117 THD factories

$34K USD in audit cost avoidance fiscal 2017 Week 20

163 Shared Factories Identified 14.5% of total factories

425 Audits or Shared reports from May 2015-2016 ~500 planned in 2017

$128K USD in audit cost avoidance fiscal 2016

More shared factories = More benefits

“SCAN provides access to a cost effective supply chain security program to even the smallest of importers”

Identified SCAN membership as a “best practice” for CTPAT partners

US Customs and Border Protection

The Home Depot Leveraging SCAN and SCM

• THD licensing SCM Premium

– Country Risk Prolife• Screen Updates

– Global Map

– Screen

– Self Assessments for Foreign Corrupt Practices Act

• Under Consideration

– Domestic Supplier Self Assessments

25

Risk Detail The Home Depot Index

Daily News Summery

The Home Depot Global Risk Map

29

Questions?

Walter Fong – Global Trade Compliance, Levi Strauss & Co.Walter has over 20 years of experience in trade compliance and customs operations with an emphasis in the apparel industry. He joined Levi Strauss in 2012 as the Director of Global Trade Compliance with oversight on customs, trade and supply chain security in over 20 markets in the Americas, Asia, Europe and Africa. He has been involved with C-TPAT since 2004 and has visited dozens of factories and distribution centers in the US, Asia, and Africa to educate on C-TPAT best practices and supported customs during validations at factories in Bangladesh, Cambodia, Pakistan and Vietnam.

Ken McElroy - Manager, Global Trade Risk, The Home DepotKen McElroy serves as Manager of Global Trade Risk for The Home Depot. Ken leads the Global Security Verification program as well as a growing export operation and compliance program. Ken’s previous experience includes 32 years of progressive responsibility managing nearly every supply chain business discipline; including cross border operations, supply chain security, supply and demand planning, display packaging and manufacturing operations all with Colgate Palmolive.

Contact Us!

Walter Fongwfong@levi.com

Ken McElroyKENNETH_MCELROY@homedepot.com

Brittney De StefanoBrittney.DeStefano@bsigroup.com

SCAN Websitewww.scanassociation.cominfo@scanassociation.com

Q ues t i on s ?

Please use the “Questions” box on your dashboard on

the right side of your screen.

Con tac t u s a f t e r t he web i na r :

Email: info@usfashionindustry.com

Twitter: @usfashion

Phone: +1-202-419-0444