Responsibility in supplier selection and relations
Translating AXA’s CR strategy and commitments into its management of vendors is a continuous activity for AXA. This alignment means AXA includes CR topics to select and monitor its providers. This approach is articulated around two axes:
1. Responsible people & processes: all the AXA professionals working in a procurement department, in addition to the Group’s Code of Professional Conduct, must sign a dedicated and reinforced Code of Ethics which promotes fairness and neutrality, confidentiality and transparency of our sourcing decisions. They also are aware of the AXA CR strategy and the AXA Responsible Procurement policy through awareness sessions given by the network of Responsible Procurement Champions identified in our various entities;
2. Responsible vendors: AXA requires from its vendors to be socially and environmentally responsible through the mandatory inclusion of a Corporate Responsibility Clause
in all our contracts. It includes, in particular, complying with the principles of the International Labour Organization (prohibiting the resort to child/forced labour, promoting employee health & safety and freedom of expression, and non-discrimination). Contracts also include a reference to the AXA Compliance and Ethics Code. In addition, AXA implemented a CR Risk assessment of its suppliers, identified thanks to an internal CR Risks Matrix. Suppliers are thus classified into procurement risk categories and evaluated against five CR criteria (environment, social, product & services end-use impact, suppliers’ supply chain, and business integrity). Vendors falling in the highest CR risks categories are asked to share their valid DJSI or EcoVadis scores or even follow an EcoVadis assessment.
Detailed information on our responsible procurement policy and standard is elaborated in AXA’s Group Procurement Guidelines. The document is used for supplier selection and management purposes.
To protect both business and customers, AXA has decided to reinforce its operational controls and its Risk Management framework of third parties: a dedicated Vendor Risk program was validated by the Operational Audit Risk Compliance Committee (OpARCC) and launched in 2018 in order to enhance the existing AXA control framework. This program is supported by Group functions (Compliance, Data Privacy, Information Security, Operational Resilience, Legal, Reputation and Internal Control), local stakeholders (Chief Risk Officers, Chief Procurement Officers and Insurance Procurement directors) and co-sponsored by Group Risk Management and Group Procurement.
The Vendor Risk Framework defines a set of requirements for each relationship, with a risk-based approach, i.e. existing and potential new contracts. After identification of the criticality through pre-determined criteria, an appropriate level of due diligence, minimum requirements and oversight is implemented. Several waves of deployment, aligned with the Group Internal Control Program, have been scheduled between 2019 and beginning of 2021.