Currently, the Chain of Custody (CoC) requirements for using subcontractors can be found in the CoC standard and various sections of the Certification Requirements (CR). Criteria 1.4 of the CoC standard states that organisations using subcontractors must ‘be able to demonstrate that the requirements of the CoC standard are met by its subcontractors.’

Key issues with current subcontractor requirements

Although the CoC standard (criteria 1.4) requires organisations to demonstrate that any subcontractors handling MSC products meet the CoC standard, feedback from stakeholders suggests this requirement is inconsistently understood and enforced across the supply chain. Stakeholders suggest that more clarity is needed to help companies understand how to demonstrate that their subcontractors meet the CoC standard (particularly for contract processors), and how this should be verified by certifiers during an audit. Other key concerns related to the existing requirements are summarised below:

  1. Companies must keep a list of all contract processors used (BD4.2.3.1) and must provide a mass balance if the contract processor is not certified (BD4.2.4.2);
  2. The CR provides very little clarity to auditors on how subcontractor requirements should be checked during an audit;
  3. During the project consultation, an additional issue was raised regarding use of non-certified ‘agents.’ These companies provide marketing, logistical, or financial services on behalf of the certificate holder, and may sometimes take legal ownership of the product. The CR is not clear on whether these companies need their own CoC certification, and therefore in some cases they are currently treated as subcontractors.