What Is a Supplier Code of Conduct and Why It Matters

A supplier code of conduct is a document that spells out the minimum standards a company expects its suppliers, vendors, and subcontractors to meet in areas like labor practices, environmental impact, workplace safety, and business ethics. It functions as a set of ground rules: any supplier that wants to do business with the buying company agrees to follow these standards as a condition of the relationship. Large corporations, government agencies, and nonprofits all use them, and they’ve become a standard part of procurement contracts across industries.

What a Supplier Code of Conduct Covers

Most codes are organized around four broad categories: labor standards, health and safety, environmental responsibility, and ethics. The specifics vary from company to company, but the core expectations are remarkably consistent because they draw on the same international frameworks and legal requirements.

Labor Standards

This section prohibits forced labor, including modern slavery and workers recruited through human trafficking. Child labor is banned at every stage of manufacturing. Working hours and wages must comply with local laws, and suppliers are expected to pay at least the legal minimum wage on time. Workers must be free to form and join unions without facing retaliation, and suppliers cannot discriminate in hiring or employment based on race, gender, age, sexual orientation, disability, religion, or other protected characteristics. Violence, bullying, and verbal abuse in the workplace are also prohibited.

Health and Safety

Suppliers must maintain safe working conditions, which includes emergency preparedness plans, proper handling of hazardous materials, safeguards on dangerous machinery, and training for workers on health and safety risks. The requirements extend to basic facilities: clean restrooms, drinkable water, and sanitary eating areas. When a supplier provides dormitories for workers, those facilities need to be clean and safe, with adequate lighting and hot water.

Environmental Responsibility

Environmental provisions require suppliers to identify their environmental impacts and minimize harm to surrounding communities and natural resources. Typical requirements include obtaining proper environmental permits, reducing pollution and waste, managing water usage, controlling air emissions, and working toward greenhouse gas reductions. Many codes also address solid waste disposal, recycling practices, and the safe handling of hazardous substances.

Ethics and Anti-Corruption

Ethics provisions set a zero-tolerance standard for bribery, corruption, extortion, and embezzlement. Suppliers must comply with anti-corruption laws in the jurisdictions where they operate, such as the U.S. Foreign Corrupt Practices Act or the U.K. Bribery Act. Beyond legal compliance, these sections call for transparency in business dealings, protection of intellectual property, and fair competitive practices. Some codes also include requirements around data privacy and responsible sourcing of raw materials like minerals from conflict zones.

Why Companies Require One

A supplier code of conduct serves several purposes at once. First, it manages risk. When a supplier is caught using child labor or dumping toxic waste, the buying company’s reputation takes a hit even though it didn’t commit the violation directly. Setting clear expectations in writing, and backing them up with monitoring, reduces that exposure.

Second, these codes increasingly reflect legal obligations rather than voluntary commitments. The European Union adopted the Corporate Sustainability Due Diligence Directive (CSDDD) in 2024, which will require large companies to conduct due diligence across their supply chains for human rights and environmental harms. The directive applies to EU companies with more than 5,000 employees and more than 1.5 billion euros in turnover, and it also reaches non-EU companies generating similar revenue in the EU. Violations can result in fines of up to 3% of global turnover. Germany has had its own Supply Chain Act (known as the LkSG) in force, imposing due diligence obligations on companies sourcing from abroad, though its reporting requirements are being scaled back as the EU-level framework takes shape.

Third, many institutional buyers, investors, and customers now evaluate companies on their supply chain practices. Having a well-enforced code of conduct strengthens a company’s standing in sustainability ratings and can be a deciding factor in winning contracts, particularly in government procurement.

How Compliance Gets Monitored

A code of conduct is only as useful as the mechanisms behind it. Companies typically use a combination of tools to verify that suppliers are actually following the rules.

Self-assessment questionnaires (SAQs) are the most common starting point. Suppliers fill out detailed forms about their labor practices, environmental controls, and safety measures. These are low-cost and easy to scale, but they rely on honest self-reporting, so most companies treat them as a screening tool rather than proof of compliance.

On-site audits provide a deeper look. These can be conducted by the buying company’s own team or by independent third-party auditors. A typical audit involves facility inspections, document reviews (payroll records, environmental permits, safety logs), and confidential interviews with workers. Some industries have shared audit programs so that a single supplier doesn’t face redundant inspections from every customer.

Many companies also maintain confidential reporting channels, sometimes called whistleblower hotlines, where workers or other parties can flag violations anonymously. These can surface problems that scheduled audits miss, since suppliers sometimes prepare for audits by temporarily improving conditions.

Suppliers are generally required to keep records that demonstrate compliance and to cooperate with inspections and certification processes. The buying company’s code typically reserves the right to audit at any time, with or without advance notice.

What Happens When a Supplier Violates the Code

Most well-drafted codes build in a range of responses rather than a single penalty. The response usually depends on how severe the violation is and whether the supplier is willing to fix it.

For minor or administrative breaches, the typical first step is a corrective action plan. The supplier is given a specific timeframe to address the problem, and the buying company follows up with another assessment to confirm the issue has been resolved. Jumping straight to contract termination over a minor paperwork gap would likely be seen as disproportionate, and courts in some jurisdictions have reinforced that principle.

For serious violations, such as the discovery of child labor, forced labor, or systemic fraud, the code usually includes an exit clause allowing the buying company to terminate the relationship immediately. Companies build these provisions in specifically to protect themselves from reputational damage when a supplier crosses a clear ethical line.

Between those extremes, penalties might include increased audit frequency, mandatory training programs, temporary suspension of new orders, or financial penalties defined in the supply contract. The key is that the code clearly defines what constitutes a breach, what the consequences are, and how the escalation process works, so both sides understand the stakes before a problem arises.

How Supplier Codes Differ From Internal Codes

A company’s internal code of conduct governs the behavior of its own employees. A supplier code of conduct extends similar expectations outward to the companies it buys from. The overlap is significant (both cover anti-corruption and workplace safety, for example), but supplier codes are tailored to the realities of managing an external business relationship where you don’t control day-to-day operations.

Supplier codes also tend to focus on issues that are more common in manufacturing and raw material extraction, like forced labor in factories, hazardous waste from production processes, or unsafe working conditions in facilities the buying company never visits. They function as a contractual tool: the supplier agrees to the code as part of the purchase agreement, which gives the buying company legal standing to audit, demand changes, or end the relationship if the standards aren’t met.

Creating or Evaluating a Supplier Code

If you’re writing a supplier code of conduct for your own company, the core sections should cover labor rights, health and safety, environmental standards, ethics and anti-corruption, and compliance documentation. Be specific about what you expect rather than relying on vague language like “suppliers should act responsibly.” Define the sanctions for violations clearly, distinguishing between breaches that trigger corrective action and those that justify immediate termination.

If you’re a supplier being asked to sign one, read it carefully. Pay attention to audit rights (how much access the buyer is claiming), the definition of your supply chain obligations (some codes require you to push the same standards down to your own subcontractors), and the consequences of non-compliance. Understanding these details before you sign prevents surprises later.
