to Manage Modern Slavery Risk

A. The Moral and Legal Imperative of Modern Slavery Compliance

The Human Cost of Modern Slavery

Modern slavery is a pervasive global issue that traps millions of individuals in conditions of exploitation and abuse. It is also a growing area of reputational and legal risk for companies, particularly those with complex, global supply chains.

As defined by the International Labor Organization (ILO), modern slavery refers to "situations of exploitation that a person cannot refuse or leave because of threats, violence, coercion, deception, and/or abuse of power".¹ It is associated with a range of serious human rights violations, including:

• Forced labor: An estimated 27.6 million people globally are in forced labor situations.² This includes exploitation in industries from agriculture and mining to manufacturing. Notably, forced labor generates over $230 billion in illegal profits for perpetrators each year, indicating the massive economic scale of the problem.³ And this issue is global - despite perceptions to the contrary, forced labor practices have been identified in OECD countries such as the United States and UnitedKingdom.⁴
• Child labor: Approximately 160 million children are engaged in child labor worldwide.⁵ An estimated 3.3 million of these children are in situations of forced labor or slavery-like practices, such as being bonded or trafficked into hazardous work.⁶
• Conflict minerals: The mining of certain high-value minerals in conflict-affected regions is frequently linked to forced and child labor. For example, 60–70% of the world’s cobalt originates from the Democratic Republic of Congo, where mining often involves child labor and other abuses.⁷ Likewise, much of the global supply of coltan, tin, and tungsten is extracted under conditions of child or forced labor in Central Africa.⁸
• Debt bondage: Debt bondage (bonded labor) remains one of the most common forms of modern slavery globally. Victims are trapped working indefinitely to pay off debts under unfair terms. It is often called the world’s most widespread form of slavery.⁹ Because these arrangements are informal and hidden, exact figures are hard to quantify, but debt bondage is prevalent in sectors like agriculture, brick kilns, mining, and domestic work across South Asia, sub-Saharan Africa, and beyond.
• Human trafficking: Human trafficking for labor or sexual exploitation is a transnational crime affecting every region. In 2023, governments worldwide identified over 133,000 trafficking victims, yet this is likely to represent only a small fraction of those exploited.10 Traffickers target vulnerable populations and use force or deception to move victims across regions and into forced labor or prostitution.

In 2022, the ILO reported that approximately 49.6 million people were the victims of modern slavery, an increase of 9 million people since 2016. These statistics are more than just numbers; they represent real people living in invisible chains. The human toll of modern slavery includes lost freedom, trauma, and generational cycles of poverty and abuse. Amid growing public scrutiny and increasing regulatory requirements, companies face mounting pressure to identify and eliminate modern slavery risks hidden within their operations and supply chains.

When used responsibly, data analytics can help to more efficiently identify suppliers or other business relationships that present high risks of modern slavery. Moreover, investment in such analytics capability can yield other benefits; while outside the scope of this article, the same underlying data can be used to support tariff impact analysis, identify potential customs fraud (an area of heightened enforcement by the U.S. Department of Justice),¹¹ enhance sanctions & anti-corruption screening, assess carbon emissions across the value chain, and detect trade-based money laundering and counterfeiting risks.

Modern Slavery Compliance Programs

The management of modern slavery risks shares similarities with other compliance programs. For example, human rights risk is often incorporated into third-party screening. Jurisdictions such as the U.S., EU, Canada, and Australia maintain human-rights-based sanctions that include entities or individuals implicated in modern slavery and other human rights abuses.¹² In addition, the U.S. Uyghur Forced Labor Prevention Act (UFLPA) Entity List, maintained by the U.S. Department of Homeland Security, presumes goods linked to listed identified Xinjiang entities are made with forced labor unless proven otherwise.¹³

However, it also presents several unique challenges, many of which stem from the fact that modern slavery risk can arise not only with a corporation’s direct business partners, but also other entities in their extended supply chain:

• Import Bans: Several western governments, including the U.S., Mexico, and Canada, have imposed prohibitions on the import of goods made with forced labor.¹⁴ The U.S. also presumes that goods from certain regions (namely China’s Xinjiang Uyghur Autonomous Region (XUAR)) are made with forced labor and cannot be imported to the U.S. unless an importer can prove the absence of forced labor throughout the supply chain.¹⁵ The EU has adopted its own forced labor import ban, the EU Forced Labour Regulation, which will prohibit the import and export of products linked to forced labor. Some of these measures shift the burden of proof to importers to demonstrate through supply chain documentation that imported products are not associated with forced labor.¹⁶
• Risk-Based Human Rights Due Diligence: Under the United Nations Guiding Principles onBusiness and Human Rights (UNGPs), companies have a responsibility to proactively manage human rights risks in their operations and supply chains.¹⁷ This means identifying where the risk of forced labor or child exploitation is highest (e.g. certain entities, raw materials or countries) and concentrating due diligence efforts there. The proposed EU Corporate Sustainability Due DiligenceDirective (CSDDD) will mandate human rights and environmental due diligence for large companies operating in the EU.¹⁸
• Supply Chain Mapping: Unlike fraud or bribery risks that typically involve a company’s primary partners, modern slavery risks often reside further upstream in the supply chain (e.g. at the raw material extraction or farm level). Mapping out raw material origins and multi-tier supplier networks is resource-intensive but essential for effective forced labor due diligence.
• Public Reporting: Governments increasingly require public disclosures of modern slavery risk management. Notable examples include the UK Modern Slavery Act (2015), Australia Modern Slavery Act (2018) and Canada’s Fighting Against Forced Labor and Child Labour in Supply Chains Act (2023).¹⁹ Broader ESG and sustainability frameworks such as the EU Corporate Sustainability Reporting Directive (CSRD) also require companies to disclose human rights–related risks and impacts, with modern slavery identified as a potential material issue.²⁰

Data analytics offers a scalable and defensible foundation for managing modern slavery risk. By integrating internal Enterprise Resource Planning (ERP) data with structured external datasets, companies can identify high-risk entities, materials, and geographies, allowing compliance and responsible sourcing teams to focus resources where harm and enforcement is most likely.

This article outlines a pragmatic approach for leveraging data analytics to answer the following questions:

While this article does not cover the conduct of enhanced due diligence or social audits, it provides a roadmap for identifying which suppliers, materials, and transactions warrant closer scrutiny.

B. Entity-level Screening for Modern Slavery Risk

Entity-level screening has long been a core element of anti-bribery & corruption, anti-money laundering and sanctions compliance programs. These programs rely on structured, rules-based databases that flag sanctioned or otherwise high-risk individuals and entities. This infrastructure is increasingly being adapted for human rights risk, including the identification of suppliers or business partners linked to forced labor, child labor, or human trafficking.

Several government agencies, academic institutions, and NGOs now maintain lists of companies implicated in human rights abuses. These lists are often integrated into third-party screening platforms, enabling companies to automatically flag potential problem entities during vendor onboarding or continuous monitoring.

Key Sources of Entity-Level Modern Slavery Risk Data

• Sanctions Lists: Jurisdictions such as the United States, European Union, United Kingdom, Canada, and Australia maintain sanctions programs that target individuals and companies involved in human rights abuses.²¹ For example, the U.S. Department of the Treasury’s Office of Foreign Asset Control (OFAC) and Canada’s Global Affairs department have sanctioned Chinese manufacturing and tech firms tied to forced labor in Xinjiang. These official sanctions lists are commonly ingested by third-party compliance screening tools. Ensuring your screening system covers human-rights-related sanctions is crucial.
• Customs Withhold Release Orders (WROs): U.S. Customs and Border Protection (CBP) issues WROs to block imports of goods where there is reasonable but not conclusive evidence of forced labor in the supply chain. These orders name specific companies and/or commodities like cotton, palm oil, or polysilicon; products like rubber gloves which have seen multiple WROs in recent years; and products from specific regions (such as tobacco and tobacco products from Malawi). CBP also occasionally issues formal Findings (which escalate WROs into formal legal determinations). Check whether your third-party screening service provider can screen for entities that are subject to a WRO or Finding.
• Business & Human Rights Resource Centre Allegations Tracker: The BHRRC, an NGO, maintains a searchable tracker linking companies to public allegations of human rights abuses (including forced labor cases).²² This resource aggregates information from news reports, NGO investigations, and lawsuits worldwide. For any given company, one can see if there have been reported incidents (e.g., a garment manufacturer linked to forced labor in a supplier factory) and whether the company has responded. Investors and civil society widely use this tracker to monitor corporate human rights performance. Integrating such data helps compliance teams flag entities with a history of labor rights allegations.
• UFLPA Entity List: The UFLPA Entity List names specific factories, mines, and other entities in China (and potentially beyond) connected to forced labor in the XUAR region. Under U.S. law, goods sourced from these entities are presumed to be made with forced labor. Shipments from listed entities can be detained at U.S. ports. Importers must produce transaction-specific “clear and convincing” evidence that the goods are not made with forced labor for a detained shipment to bereleased. Tools are available that enable companies to screen not only their suppliers but also suppliers’ parents, subsidiaries, and other affiliates against the UFLPA Entity List.23 It is worth researching whether specific providers of these tools are viewed more credibly in your company’s sector.

By integrating these sources and other public data on human rights (including general adverse media), companies can create a robust entity-screening process for modern slavery risk. Compliance and/or responsible sourcing teams should validate whether their existing third-party screening tool integrates the above sources or can accommodate custom watchlists.

Additionally, because naming conventions can vary (especially with international subsidiaries or transliterations of Chinese names), strong fuzzy matching and alias detection are needed. Screening tools should be configured to catch variations in spelling, punctuation, and language. This may involve enabling transliteration matching for Chinese or Cyrillic names, using approximate string matching, and screening known alternate names. This also reinforces the importance of ensuring that vendor names in ERP master data are correct (and if using more than one ERP, consistent), and that aliases and local language names are included.

Integrity Bridge can support the selection, configuration and deployment of such advanced screening tools.

Enhanced UFLPA-Related Screening

Companies that have potential exposure to the UFLPA should consider incorporating additional entity lists into their screening solution:

• Sheffield Hallam University Forced Labor Lab: This academic center has published influential datasets and reports exposing corporate links to the Uyghur Region’s forced labor system. Two public datasets are widely cited and incorporated into third-party risk tools:²⁴
  • Companies Operating in the Uyghur Region: A public list of over 50,000 business entities (manufacturers, importers, construction firms, etc.) that have operations in the XUAR. This includes both Chinese companies and foreign companies with subsidiaries or facilities there, across sectors.
  • Companies Named in Reports or Programs: a second dataset of over 35,000 companies identified via media reports, academic research, or government programs as having accepted Uyghur workers through China’s controversial labor transfer schemes. This list spans mining, farming, textiles, tech, and other industries and flags entities potentially benefiting from coercive labor transfers out of Xinjiang.
• Uyghurs for Sale: ‘Re-education’, Forced Labour and Surveillance Beyond Xinjiang, Australian Strategic Policy Institute (ASPI), March 2020. This report documents how Uyghur laborers were forcibly transferred from Xinjiang to factories across China as part of state-run “reeducation” and labor transfer programs. ASPI identified at least 82 foreign and Chinese companies connected to these facilities through supply chains and estimated that more than 80,000 Uyghurs were transferred between 2017 and 2019. The report combines satellite imagery, Chinese-language sources, and corporate records to expose coercive labor practices beyond Xinjiang. The findings have informed enforcement action and updates to third-party screening platforms.²⁵

In addition:

• Conflict Minerals Reporting: conduct screening against those entities disclosed as part of conflict minerals reporting processes (see Section C below for further information).
• Entity Addresses may be a source of red flags. For example, consider using a free text search for addresses that include the term for “prison”.

Suppliers linked to the XUAR may use intermediaries, affiliates, or corporate restructuring to obscure their role in the supply chain. As such, entity screening should extend beyond the immediate supplier and include:

• Parent companies, subsidiaries, and JVs: Many suppliers operate as subsidiaries of larger entities. If a subsidiary is clean but the parent company is sanctioned or flagged, that is a compliance risk.
• Sibling entities: Suppliers with common ownership, board members, or directors may be tied to entities already identified in enforcement actions or exposed in media reports.
• “Ship-from” vendors and intermediaries: Your ERP system’s “ship-from” field may reveal that products are being routed through third-party exporters, brokers, distributors or shell entities. These intermediaries should be screened as they may serve to obscure the original source.
• Facility location risk: Even if an entity itself is not listed, any factory or warehouse located in a high-risk geography should be flagged.

Advanced tools use analytics, multilingual fuzzy matching, public records, beneficial ownership data, and customs records to identify hidden connections. These tools can detect non-obvious risks by:

• Linking different supplier records via shared ownership, bank accounts, or logistics patterns.
• Flagging previously clean suppliers that have recently acquired a facility in Xinjiang or have otherwise started sourcing from high-risk entities.
• Highlighting emerging risk based on proximity to listed entities or frequent transactional overlap.

These approaches move companies from a static name-based screen to a more dynamic network risk model, improving the chance of catching both known and emerging threats.

C. Idenyifying Tier-1 Suppliers of High-risk Raw Materials

While entity screening is an important first step, the aforementioned regulations and standards require companies to undertake deeper due diligence on those suppliers with elevated modern slavery risk. But where do you start?

For many companies this will involve looking at their direct, tier-1 suppliers of raw material inputs that are known to be high risk for forced and/or child labor. For example, consider:

• A car parts manufacturer directly purchases minerals or chemicals for its production. Are any of those inputs associated with forced labor in their countries of origin?
• A grocery retailer procuring produce directly from farms around the world. Which fruits or vegetables in which countries might be harvested using child labor or forced labor?

In these scenarios, the company can prioritize analytics on what they buy (“inputs”) and whom they buy from (the direct vendors), without needing to map every link in the supply chain. This involves:

• identifying all raw materials that your company purchases from suppliers.
• from that list, identifying:
  • those materials considered to have high forced and/or child labor risk; and
  • whether those high-risk materials are sourced from high-risk countries.

Classification of Raw Materials with Elevated Modern Slavery Risk

Governments, civil society organizations, and international institutions have published lists of goods and raw materials linked to forced labor or child labor. These lists can serve as a starting point for a company’s raw material risk analysis. Key resources include:

• U.S. Department of Labor – List of Goods Produced by Child Labor or Forced Labor: A comprehensive list covering over 200 goods from 80+ countries (as of 2024) identified by the U.S. Department of Labor’s research. For example, this list flags products like cotton from Uzbekistan, cocoa from Côte d’Ivoire, electronics from Malaysia, bananas from Ecuador, etc., as being associated with child or forced labor. If a company sources any of those goods or materials, it indicates a need for enhanced due diligence.²⁶
• Walk Free Foundation’s Global Slavery Index (GSI): The GSI provides country-level prevalence estimates of modern slavery and highlights key commodities at risk in different regions. For instance, the 2023 GSI spotlights garments from North Korea, fisheries in Taiwan, and palm oil from Malaysia as areas of concern. The GSI can help identify which materials and which source countries are high-risk.²⁷
• Responsible Sourcing Tool: This is a set of tools and databases (developed with support from the U.S. State Department and NGOs like Verité) that provide risk profiles for specific commodities and migration corridors. It includes detailed reports on sectors like electronics, seafood, apparel, and agriculture, outlining typical labor exploitation issues in each. A company can reference these profiles to understand what forced labor red flags are associated with a given material (e.g.,electronics manufacturing may involve debt-bonded migrant labor in Southeast Asia).²⁸
• Uyghur Forced Labor Prevention Act – List of High-Priority Sectors: As part of UFLPA enforcement, U.S. authorities identified certain materials as high-priority for forced labor enforcement in Xinjiang, notably cotton, tomatoes, and polysilicon (used in solar panels). These are presumed high-risk if sourced directly or indirectly from China. Any raw material screening should flag if you purchase these items (or products containing them) from suppliers that might be indirectly sourcing from Xinjiang.²⁹
• EU and SEC Conflict Minerals Regulations: Regulations like the EU Conflict Minerals Regulation (covering 3TG from conflict-affected and high-risk areas, known as CAHRAs) and the U.S. SEC rule on conflict minerals mandate reporting on the sourcing of certain minerals. Even if not directly applicable to all companies, these regulations define lists of higher-risk minerals and countries.
• Responsible Minerals Initiative (RMI) Reporting Templates:
  • To facilitate compliance with the SEC and EU conflict minerals disclosure requirements, the Responsible Minerals Initiative (RMI) developed the Conflict Minerals Reporting Template (CMRT), a standardized tool enabling downstream companies to trace 3TG in their supply chains back to the ultimate smelters or refiners, and to determine whether those facilities are certified under RMI’s Responsible Minerals Assurance Process (RMAP).
  • Building on the CMRT, the RMI released the Extended Minerals Reporting Template (EMRT), which supports reporting on cobalt and mica; minerals that, while not covered under current U.S. or EU regulations, are widely associated with child labor and forced labor risks, particularly in informal or artisanal mining contexts.³⁰
  • In addition, the RMI has developed an Additional Materials Reporting Template (AMRT) for companies to trace and assess sourcing risk for minerals not currently regulated. Although generic in design, the AMRT is recommended by RMI for priority application to aluminum, copper, iron, lithium, nickel, rare earth elements, and zinc. While these reporting efforts fall outside the formal scope of the U.S. and EU conflict minerals regulations, they serve to highlight minerals that merit enhanced due diligence.³¹

To support initial modern slavery risk assessments, Integrity Bridge has compiled a comprehensive list of raw materials with elevated modern slavery risk based on the above resources, that can be incorporated into your materials screening.

Using ERP Master Data to Support High-Risk Materials Screening

Many companies may be able to review the above lists of high-risk materials and quickly determine that they have little or no modern slavery exposure because they purchase neither these materials nor goods that contain such materials.32 For other companies it is not so straightforward. It requires a review of hundreds or even thousands of raw materials (not the complex sub-components inside finished products - these deeper layers will be addressed later via materials mapping).

Before initiating raw material risk screening, a company must assess whether (a) its single or multiple ERP systems each contain structured data about the raw materials being sourced from Tier-1 suppliers; and (b) materials classification is consistent between ERP systems.

Most ERP systems (e.g., SAP, Oracle) allow companies to record and categorize the materials they buy in a consistent way. When properly maintained, these fields can be used to identify and prioritize purchases linked to materials flagged for being associated with modern slavery risk. There are several master data fields that are especially useful:

• Material Group or Category: a high-level grouping of materials. (For example, in SAP the field MATKL denotes Material Group.) This might classify an item as Textiles, Chemicals, Metals, Agricultural Produce, etc. It can be useful for conducting broad materials risk assessment (e.g., flagging all items in the Textiles category for a check against cotton or wool risks).
• Material Type: a code for the type of material (SAP field MTART). For instance, distinguishing between raw materials, semi-finished goods, or services.
• HTS/Commodity Code: the Harmonized Tariff Schedule (HTS) code or similar commodity classification used in trade. These codes are standardized globally and can map to specific commodities. If your system captures HTS codes for purchased goods, it is extremely powerful for risk screening (since many risk lists, like the U.S. Department of Labor’s, are classified according to commodity type). Your supply chain or trade compliance team may already be improving and utilizing these codes to assess the impact of recent changes in global tariffs.
• Material Description or Specifications: a text field often containing the common name of the item (e.g., “organic cotton bale” or “copper cathode 99%”). A free-text key word can then be utilized for e.g., cotton, cobalt, leather.
• Industry/Manufacturer Classification: sometimes the material master will link to a specific supplier’s part/stock number which can embed what the item is. In addition, in certain industries, there may be a commonly used materials classification. For example, in the automotive sector, materials are often classified in ERP systems using the industry-wide International Materials Database System.

Choosing the appropriate scope and extent of screening is essential. If screening is undertaken too broadly (e.g. “agricultural products”), your screening results will include multiple materials that are not high-risk from a forced or child labor perspective. If you screen too narrowly (e.g., at an individual SKU level), certain high-risk materials might be missed. A practical approach is to screen at the material group or commodity code level, then drill down as needed. For instance, flag all items with HTS code 5201 (cotton) or in a “cotton or textiles” material group, and review those items’ descriptions to determine whether it is indeed raw cotton or a synthetic textile that was misclassified.

Several supply chain risk intelligence platforms offer material-level screening. These can automatically match your ERP’s material codes against lists of raw materials with elevated modern slavery risk. However, not all are configured to handle tariff codes. If your current tools do not support this, consider partnering with IT, Finance and Supply Chain to develop an in-house analytics tool to undertake such raw materials screening.

Well-structured master data is the foundation of any effective raw material risk screening process. When ERP fields such as material group, commodity code, and material description are clean and consistently maintained, companies can perform high-confidence screening to identify which Tier-1-sourced materials may pose a risk of forced or child labor. By linking ERP metadata to authoritative risk lists and screening tools, compliance teams can move beyond ad hoc assessments and toward a scalable, risk-based due diligence program.

Integrity Bridge’s database of raw materials includes a curated set of high-risk materials aligned to commodity/HTS codes, which can be directly mapped to ERP master data to facilitate targeted materials screening.

Classification of Countries & Regions with Elevated Modern Slavery Risk

Once a company has identified which raw materials are being sourced directly from tier-1 suppliers, the next step is to evaluate whether the countries these materials are being supplied from are high-risk from a forced and/or child labor perspective.

Several publicly available resources provide geographic risk indicators, linking specific countries to elevated risks of forced labor, child labor, or other forms of modern slavery. These resources can be grouped into the following categories:

Regulatory & Government Lists

• SEC Conflict Minerals Rule – Covered Countries: Rule 13p-1 under the Securities Exchange Act defines “covered countries” for 3TG (tin, tungsten, tantalum, gold) reporting. These include the Democratic Republic of Congo (DRC) and its nine adjoining nations: Angola, Burundi, Central African Republic, Republic of Congo, Rwanda, South Sudan, Tanzania, Uganda, and Zambia.³³
• EU Conflict Minerals Regulation – Conflict-Affected and High-Risk Areas (CAHRAs): The European Commission maintains a non-exhaustive list of CAHRAs, regions where armed conflict, violence, or systemic human rights abuses including forced labor are prevalent.³⁴
• U.S. Department of Labor – List of Goods Produced by Child Labor or Forced Labor: This widely used resource links over 200 goods from more than 80 countries to documented labor exploitation. It provides specific commodity-country pairings e.g., cotton from Turkmenistan, bricks from Pakistan, and cocoa from Côte d’Ivoire based on credible evidence of forced or child labor.³⁵
• CBP UFLPA Detention Dashboard: Under the UFLPA, the U.S. presumes goods produced in whole or in part in Xinjiang, or by entities on the UFLPA Entity List, are made with forced labor. The U.S. Customs and Border Protection (CBP) dashboard tracks detained shipments by country of origin. While China remains central, countries such as Malaysia, Vietnam, India, Thailand, Cambodia, Sri Lanka, and Nicaragua have also had shipments detained, primarily in the apparel, solar, and electronics sectors.³⁶

Tools and Indexes

• Responsible Sourcing Tool – Country Profiles: Developed in collaboration with the U.S. State Department and Verité, this platform offers commodity-linked risk assessments for goods like cotton, palm oil, bricks, seafood, and mica. Profiles cover local legal frameworks, enforcement weaknesses, and industry-specific labor risks.³⁷
• Walk Free – Global Slavery Index (2023): The GSI ranks 160 countries based on the estimated prevalence and vulnerability to modern slavery and the strength of their government responses. While not commodity-specific, it offers useful context for assessing jurisdictional exposure.³⁸
• Freedom House Index: This annual assessment evaluates political rights and civil liberties across nearly every country and territory worldwide, assigning scores that reflect the degree of freedom experienced by individuals. Countries rated as “Not Free” often exhibit weak rule of law, restricted civil society, and limited press freedom, conditions that frequently align with increased vulnerability to forced labor, trafficking, and other human rights abuses. While not specific to labor practices, it offers critical insight into the enabling environment for modern slavery risk.³⁹
• Heidelberg Conflict Barometer: Published by the Heidelberg Institute for International Conflict Research, this tool tracks global political conflicts and their escalation levels. Countries experiencing violent conflict or systemic instability may also exhibit increased risks of forced labor, particularly in extractive and agricultural sectors.⁴⁰
• Fragile States Index: Compiled by the Fund for Peace, this annual index ranks countries based on their vulnerability to collapse or conflict, including indicators such as security apparatus, human rights, and demographic pressures. High fragility often correlates with poor labor protections and greater risk of exploitation.⁴¹
• Transparency International – Corruption Perceptions Index (CPI): The CPI scores countries on perceived levels of public sector corruption. Weak governance environments may foster impunity for labor abuse and reduce oversight of high-risk sectors.⁴²

Integrity Bridge’s database of raw materials consolidates all high-risk countries identified in the above resources into one list, noting the identified at-risk materials for each country where appropriate.

Using ERP & Other Company Data to Support Geographic Risk Screening

Ethics and compliance professionals familiar with fraud and corruption risk assessments will recognize that geographic risk screening often begins with reviewing vendor-related metadata in the company’s ERP system. These data fields provide useful but limited insight into the geographic risk of directly sourced raw materials:

• Vendor Country Code: Derived from the onboarding address submitted by the supplier and stored in the supplier master file.
• Registered Company Address: Used for tax and legal correspondence, but not necessarily related to manufacturing or shipping locations.
• Vendor Bank Account Country: May indicate offshore payments or intermediary structures.
• Transaction Currency: Unusual pairings (e.g., a Chinese vendor paid in USD via Hong Kong) may signal hidden cross-border flows.

While these fields support basic geographic screening, they only serve as a proxy for the location of actual production. For a more accurate picture, companies should incorporate transaction-level metadata from ERP, transportation management systems (TMS), and/or trade compliance platforms. These include:

• Country of Origin: Declared by the vendor or shipper; used in customs filings and certificates of origin.
• Vendor Ship-From Location: Captured in purchase orders or advanced shipping notices (ASN); often tied to a specific port, warehouse, or factory.
• Country of Export / Manufacture: May be recorded in customs documentation or trade modules.
• Incoterms: Indicate the point at which goods transfer risk and responsibility; helpful for interpreting supplier control.
• Bill of Lading / Commercial Invoice Country Codes: Found in customs or freight documents, particularly when integrated with third-party logistics platforms.
• Batch-Level Traceability: Where implemented, links individual shipments or production lots to country-of-origin information. This can reveal whether raw materials were processed, blended, or relabeled in a third country.
• Bills of Materials: Suppliers have historically been reluctant to share BOMs with customers, but this is changing in response to regulatory and commercial pressures. Forced labor regulations, the EU Deforestation Regulation, and complex tariff frameworks (e.g., for products containing aluminum, steel, or U.S. content) are driving greater transparency. BOM data, when shared, can support granular mapping of sub-tier supply chains and help identify where raw materials were sourced, processed, or transformed.

Some of these fields are highly valuable for tracing upstream risk. However, they are often inconsistently populated or maintained due to reliance on third parties (e.g., customs brokers, contract manufacturers) and data fragmentation across multiple systems (e.g., ERP, TMS, compliance platforms). As such, compliance teams should assess both the availability and reliability of these fields and ensure proper governance protocols exist for their maintenance and validation. This system-maintained information may also be supplemented by supplier traceability information gathered for other purposes (e.g., responding to one-off customer requests, industry-specific regulation).⁴³

Finally, companies should holistically consider other potential sources of geographic sourcing information. For example, as part of the conflict minerals reporting process, companies will receive information relating to the location of smelters and any mines that fall within the scope of the reporting obligation.

Tier-1 Suppliers of Raw Materials: Concluding Thoughts

Provided the underlying ERP and transactional metadata is clean, complete, and consistently maintained, companies can perform a data-driven, defensible risk assessment of raw materials sourced from their Tier-1 suppliers. The core steps of this analysis involve:

• Matching the company’s list of directly procured materials using HTS or commodity codes against publicly identified high-risk materials.
• Screening the associated countries of origin against jurisdictions with documented exposure to forced labor, child labor, or broader modern slavery risks.

This initial intersection of material and geographic risk will yield a shortlist of materials and Tier-1 vendor-country combinations that warrant closer scrutiny. These high-priority pairings should serve as the foundation for enhanced due diligence.

Where the resulting list remains too broad to address all suppliers simultaneously, compliance teams should consider applying additional risk prioritization criteria. For example, greater priority may be afforded to suppliers falling into one or more of these categories:

• Strategic or operational materiality: Is the raw material essential to the company’s core products or production processes? Materials that are mission-critical or used in high volumes may warrant more immediate review.
• Spend concentration: Higher-spend Tier-1 suppliers of flagged materials may represent greater exposure, both in terms of business dependency and potential financial impact if issues are discovered.
• Historical grievance data: Have certain suppliers, materials or geographies been the subject of past allegations relating to working conditions, wages, or labor rights violations? If so, consider prioritizing diligence efforts on these.

Conversely, if a supplier holds credible labor or sustainability certifications (e.g., Fair Trade, SA8000, Rainforest Alliance, RMI, IRMA) this might suggest lower prioritization.

This layered approach allows companies to prioritize their limited compliance resources on where risk to people and to business is highest.

D. Supply Chain Mapping & Screening

Most companies, however, have much more complex supply chains with multiple tiers of indirect suppliers (sub-tier suppliers), including manufacturers and raw material producers. Moreover, as a rule, modern slavery risk tends to increase further upstream often in the earliest stages of raw material extraction, processing, or agricultural cultivation. This is why legislators, regulators, prosecutors, and NGOs are increasingly expecting risk-based screening and due diligence across the full supply chain, not just for direct suppliers.

This presents significant compliance challenges:

• Identifying all components and materials included in a finished product.
• Mapping all suppliers involved in the production of those materials at every tier.
• Monitoring changes to suppliers, facilities, or sourcing geographies over time, including temporary or undisclosed substitutions.

This complexity necessitates a risk-based and data-driven approach to the identification of modern slavery risk.

What Raw Materials Are in Your Extended Supply Chain?

For complex products such as mobile phones, electric vehicles, or industrial machinery, the Bill of Materials (BOM) – a detailed list or raw materials, sub-components, and assemblies that make up a product - may include thousands of components, presenting a multifaceted web of sourcing relationships.

Understanding the full BOM is essential to conducting a risk-based supply chain mapping process. For some regulations, such as the Uyghur Forced Labor Prevention Act (UFLPA) or the SEC Conflict Minerals Rule (13p-1), there is no materiality threshold. Even trace amounts of a flagged material can trigger disclosure obligations, enforcement risk, or reputational harm.

For product regulatory (e.g., REACH) or sustainability reasons (e.g., lifecycle assessments), other teams in the company may already maintain detailed records of material composition. Compliance and responsible sourcing teams should check whether such data exists internally before embarking on complex product mapping efforts.

There are several potential methods for identifying raw materials in company products:

• Bill of Materials (BOM) Supplied by Your Tier-1 Supplier: When a supplier sells a product to a company, it may include a supplier-generated BOM that outlines the inputs they used during manufacture. These documents rarely reveal the full set of raw materials involved; in particular, minor inputs falling below a certain percentage weight threshold may be excluded. If supplier BOMs are available in a structured format (e.g., stored consistently in ERP systems), they can provide a useful launch point for comparing against published high-risk material lists.
• Identification of High-Risk Materials in Other Documentation Supplied by Your Tier-1Supplier: if your ERP system supports the ability to conduct free text searches of electronic information and/or documents provided by your suppliers, you could consider running a curated list of high-risk materials against such records. However, such a broader approach could lead to a time-consuming effort to review results and provides no assurance as to its completeness.
• Virtual Bill of Materials (vBOM): Several companies are now leveraging data analytics to build virtual bills of materials (vBOMs). These tools use a combination of public trade data, industry knowledge, procurement records, and material science modeling to infer the likely raw materials present in each product or component. Once validated by the company’s product or sourcing teams, a vBOM can be screened against high-risk material lists, such as those published by the U.S. Department of Labor or the Responsible Minerals Initiative. This enables early-stage identification of potential exposures without requiring direct supplier disclosures.

Who Are Your Suppliers in the Extended Supply Chain?

Whichever method you decide to determine the full composition of your company’s products, the resulting list of materials can be compared against the list of high-risk materials addressed in Section C above. Primary suppliers of components containing these high-risk raw materials should be added to your list of suppliers requiring enhanced due diligence.

As indicated above, modern supply chains are often multi-tiered, and risks can be introduced at any tier. A company might have a clean Tier-1 supplier, but that Tier-1 could be sourcing from a dubious Tier-2. Therefore, mapping the extended supply chain (sometimes called Tier-2/3 mapping or supply network mapping) is an important next step.

Before launching a supply chain mapping exercise for modern slavery, it is again worth checking if other teams in your organization have already done similar work. For example:

• Your company may already maintain a limited form of supply chain map for the purposes of conflict minerals reporting and diligence.
• Climate action teams may be mapping Scope 3 carbon emissions, which requires identifying upstream suppliers and sources.
• Sustainability departments might be tracing supply chains for deforestation (e.g., knowing the farms or plantations behind products) or for ethical sourcing certifications.
• Procurement/Purchasing may collect mapping data for supply chain resiliency purposes.

Subject to that, there are three potential approaches to supply chain mapping:

Manual Supply Chain Mapping (Supplier Disclosure)

In an ideal world, every supplier would voluntarily disclose their suppliers (Tier-2), and those Tier-2s would disclose Tier-3, and so on, until you have a chain traced back to raw material origins. A successful example of this is the Responsible Minerals Initiative’s Conflict Minerals Reporting Template (CMRT) which many downstream companies (e.g., electronics firms) use to collect information from their suppliers on who the ultimate smelters of tin, tungsten, tantalum, and gold in their supply chain are, and whether they have been vetted by the RMI.

However, in most industries, getting full upstream transparency via direct supplier requests is challenging:

• Confidentiality: Suppliers may consider their sub-supplier relationships a competitive advantage or trade secret. They often worry that if they reveal their sources, the buyer might bypass them.
• Legal/Political Sensitivities: In some cases, conducting supply chain mapping and subsequent due diligence in compliance with forced labor laws can put suppliers in a difficult position. For example, a Chinese supplier might face state pressure or legal restrictions (under China’s anti-sanctions law) if asked to disclose information in compliance with foreign forced labor laws. Data security or privacy risks may also arise through the transmission of information between countries.
• Questionnaire Fatigue: The number of questionnaires received by suppliers has increased at an exponential rate in recent years. Unless it is contractually required, a supplier may simply not respond to a modern slavery inquiry if they see it as onerous or low priority, particularly if the associated spend with the requesting customer is low.

Where the risk is very high or the spend is strategic, companies might still attempt manual mapping through direct engagement. For instance, if a particular raw material is known to be high-risk and crucial to your product, the effort to manually construct the relevant supply chain through supplier engagement may be worthwhile.

Internal Data Analytics

Companies may possess more information about their extended supply chain than they realize. For example, Tier-2 or Tier-3 supplier names can sometimes be found in:

• Certificates of Origin accompanying shipments, which might list the true origin of a raw material or component.
• Customs import/export filings or bills of lading, which sometimes mention the original manufacturer or plantation.
• Product specification sheets or technical documents provided by the supplier, which might name a sub-supplier for a component (e.g., a battery spec that names the cell manufacturer).
• Quality certificates or testing reports, which could name the factory where a sub-component was made.

As with raw materials mapping, it is possible to run a list of at-risk entities against names of potential sub-tier suppliers extracted from ERP data and documentation submitted by Tier-1 suppliers. However, analyzing such unstructured data can be time consuming, will not provide a complete map, and may also result in false positives.

Virtual Supply Chain Mapping

To overcome the limitations of manual mapping, several third-party service providers now offer virtual supply chain mapping services that construct maps of tier-1/sub-tier suppliers using publicly available trade data and other records. Once the virtual map is constructed, the service provider can screen against the identified entities, materials & geography in the same way that we describe for tier-1 suppliers in Sections B & C above. However, virtual supply chain mapping does have its limitations:

• Virtual supply chain mapping shows potential supply chain links, not confirmed ones. A tier-1 supplier might source the same raw material from multiple places, not all of which is included in your company’s products.
• Many countries do not disclose detailed supply chain information publicly.
• Since international trade data generally serves as the main input for virtual mapping, virtual mapping might not track domestic sourcing by e.g., a manufacturing plant in China.

Despite these limitations, virtual mapping can dramatically enhance scale. Many companies use virtual mapping as an initial filter: flagging potential high-risk supply chain paths so that they can then approach relevant Tier-1 suppliers for confirmation as to whether sub-tier suppliers of concern are indeed in their extended supply chain.

E. A Holistic Data-driven Approach to Raw Materials & Supply Chain Mapping

From the above sections, it is clear there is no “silver bullet” solution to fully map and screen a company’s raw materials and extended supply chain for modern slavery. Relying exclusively on internal data, public data, or supplier questionnaires could either trigger too many false alarms or, worse, miss hidden risks.

A more effective approach is to combine multiple data sources and methods into a coordinated workflow. By using internal ERP data together with external risk databases and virtual supply chain mapping, companies can narrow down the universe of suppliers and materials to those that truly need closer scrutiny.

Below is an outline of a recommended collaborative workflow between a company’s in-house team and an external supply chain mapping service. It is a phased process to identify high-risk materials, map the upstream supply chain, and screen the entities and locations involved for any modern slavery red flags. Think of it as layering successive risk filters one after the other:

Holistic Workflow for Mapping & Screening Entities & Raw Materials

Data analytics is central to conducting scalable, risk-based modern slavery assessments. With a data-driven approach, you can leverage the vast amounts of available information to direct your due diligence efforts to where they are needed the most. By combining structured ERP data with external mapping services and regulatory intelligence, companies can more accurately pinpoint high-risk materials, geographies, and counterparties maximizing the effectiveness of their compliance efforts while reducing false positives.

Integrity Bridge helps organizations design, implement, and operationalize these analytics-driven workflows to bring visibility, rigor, and traceability to modern slavery risk management.

F. Modern Slavery Issues Associated With Transshipment

As regulatory scrutiny increases, unscrupulous suppliers have tried to obscure the true origin of goods linked to forced labor by using complex shipping routes. This practice, known as transshipment, involves routing goods through one or more third countries to disguise their actual origin before they reach their final market. For example, a company might ship cotton yarn produced in Uzbekistan (which has a known risk of forced labor) to a textile factory in Malaysia, then export the finished fabric from Malaysia to the U.S. hoping that U.S. Customs will treat it as Malaysian origin.

Transshipment has emerged as a major issue in enforcement under the UFLPA. The U.S. Department of Justice has similarly increased enforcement activity against customs fraud, targeting companies who have concealed the origin of products to evade higher tariffs.⁴⁴

In relation to the UFLPA, CBP has increased scrutiny in sectors where inputs from Xinjiang are being routed through third countries. Notable sectors include:

• Solar panels: After the introduction of UFLPA, CBP observed solar panel components (such as polysilicon wafers) originating in Xinjiang were being shipped to Southeast Asia (Malaysia, Vietnam), where they are assembled into panels and exported globally. Numerous solar imports have been detained due to suspected Chinese-origin polysilicon.
• Textiles and apparel: Evidence suggests Xinjiang cotton has been shipped to garment factories in Bangladesh, Vietnam, or Cambodia, from where finished products are exported. Turkmenistan cotton (also linked to state-imposed forced labor) has reportedly been blended into yarn in Türkiye and exported without disclosure.
• Electronics: Components originating from Xinjiang or other high-risk regions may be shipped to assemblers in countries like Taiwan or Mexico, with Malaysia and Thailand emerging as common transshipment hubs for sensitive electronics.

These tactics represent deliberate efforts to undermine origin-based trade restrictions and pose significant compliance challenges.

Using Data Analytics to Manage Transshipment Risk

Companies can draw on a growing range of tools and analytics strategies to assess and manage transshipment risk.

Internal ERP and Trade Compliance Analytics

Many organizations begin by examining existing metadata within their ERP and trade compliance systems. Common methods include:

• Geographic Pairing Checks: Screening for high-risk combinations of product and declared origin - for example, cotton yarn from Vietnam or polysilicon from Cambodia - which may be inconsistent with local production capacity and merit further review.
• Trade Flow Analysis: Identifying anomalies in export/import data, such as sudden increases in exports of a material from a country that has little or no domestic production capacity (e.g., solar panels from Vietnam spiking after polysilicon import volumes rise).
• Supplier Behavior Profiling: Flagging vendors who frequently shift their sourcing geographies, provide incomplete or evasive origin documentation, or are in known transshipment hubs.
• Country-of-Origin Metadata: Reviewing fields such as bill of lading data, certificate of origin, HTS codes, and shipping declarations to confirm whether declared origin aligns with known global trade patterns for that commodity.

While these ERP-driven checks can provide useful signals, they are often limited by incomplete or inconsistent data, and by the absence of visibility beyond Tier-1 suppliers.

Graph Analytics and Multi-Tier Network Mapping

Graph analytics offers a more sophisticated and scalable approach to identifying transshipment risks in multi-tiered supply chains. By modeling the supply chain as a network of nodes (entities) and edges (relationships), graph analytics enables deeper detection of hidden connections and suspicious routing patterns.

Key capabilities include:

• Pattern Recognition: Identifying shipping or supplier behaviors consistent with transshipment, such as unusually circuitous routes or common intermediary nodes used across unrelated suppliers.
• Anomaly Detection: Detecting sudden changes in routing or the appearance of new intermediaries that break previously stable sourcing relationships, often early indicators of an attempt to obscure origin.
• Multi-Tier Visibility: Visualizing Tier-2, Tier-3, and Tier-4 relationships, including facilities and logistics providers that may serve as waypoints in transshipment schemes.

By way of example, graph mapping might reveal that multiple Tier-1 suppliers use the same Tier-2 intermediary in Thailand, which is known to blend materials from Xinjiang before export. Or it might detect a change in shipping patterns following the release of new sanctions or enforcement actions.

G. Service Providers With Elevated Risk of Modern Slavery

While much attention in modern slavery compliance focuses on manufacturing and raw material supply chains, companies must also consider outsourced service providers. Forced labor risks can arise with any service that involves low-skill labor by migrant workers. For example:

• Temporary Staffing Agencies e.g. those supplying warehouse workers, janitors, or logistics labor. Such work is often filled by migrant workers who may be indebted to recruiters or under threat of deportation. Unscrupulous staffing firms have been known to confiscate passports or underpay workers, creating forced labor situations.
• Cleaning and Maintenance Contractors especially for remote sites (like mining camps) or high-security environments. Janitorial staff in buildings, or maintenance crews at facilities, often work at night or out of public view, and may be outsourced through multiple layers. Cases of forced labor have been documented among cleaning staff in places ranging from hotels to government offices.
• Construction Firms particularly in large infrastructure or extractives projects. Construction frequently employs migrant labor, and there have been numerous reports of debt bondage and poor conditions (e.g., in Gulf countries, construction workers from South Asia were found in forced labor-like conditions under the kafala system).
• Security Services - guards and security personnel, especially in unstable regions or when provided by private military contractors. These guards can sometimes be migrants or from marginalized communities, vulnerable to abuse by their employers.
• Agricultural Labor Providers – farm labor contractors who supply seasonal workers for planting or harvest. Agriculture is a high-risk sector for forced labor (e.g., migrant farmworkers under debt to crew leaders). Even if a company only hires a farm labor crew for corporate campus landscaping or experimental farms, those workers could be exploited by their labor contractor.
• Logistics and Shipping Firms – particularly those using crews on ships (fishing or merchant ships) registered under flags of convenience. Seafarers and fishing crews are known to face forced labor and trafficking in some cases. If your company contracts shipping or fishing vessels indirectly, there could be risk.
• Hospitality and Catering Services – outsourced cafeteria staff, hotel workers for corporate travel, etc. There have been incidents of forced labor in hospitality (like trafficked individuals in hotels or catering) that could indirectly involve major companies through vendors.

Workers in these sectors frequently face the classic red flags of forced labor: restricted movement, withheld wages, lack of grievance mechanisms, and threats of retaliation. Because services are often delivered on-site, labor abuses can occur within a company’s operational footprint, without appearing on a supply chain map.

Using Data Analytics to Identify High-Risk Service Providers

Unlike goods procurement, service-sector risks do not often appear in traditional material-based screening. However, spend analytics (when combined with targeted supplier categorization) can be a powerful tool.

Flag High-Risk Spend Categories

Consider partnering with Finance, Procurement, and IT to identify General Ledger Account (GLA) codes or spend categories linked to outsourced services. Focus on terms like:

• "Facilities Cleaning"
• "Catering / Food Service"
• "Temporary Labor"
• "Security Services"
• "Logistics – Trucking / Maritime"
• "Freight Forwarding / Customs Brokerage"

Overlay with Anti-Bribery Due Diligence

Many of these same vendors (e.g., construction contractors, freight forwarders) may already be flagged in your anti-corruption program as government-facing or third-party agents. Use this existing intelligence to create a composite view of vendor risk, making sure that your screening & due diligence tools are appropriately configured to capture modern slavery risk.

Monitor Subcontracting and Labor Brokers

If a known service provider operates via labor agencies or subcontractors, these intermediaries should also be identified and reviewed. ERP vendor hierarchies, purchase order terms, or supplier onboarding records may reveal useful relationships.

As with raw materials, no single data source is definitive; but triangulating financial data, geography, and service category creates a practical path for surfacing hidden risk. The goal is to move beyond anecdotal assessments and apply structure: which services, where, through whom, and at what level of spend?

Integrity Bridge helps clients develop screening strategies for high-risk service categories and align their approach with industry frameworks. We support the integration of forced labor risk indicators into screening, diligence and third-party onboarding platforms.

H. Recommended Next Steps

Modern slavery risk management is evolving fast. Enforcement is rising. Expectations are shifting. Data is plentiful but fragmented. Companies are being asked to do more, and to do it smarter.

This article has outlined how data analytics can help compliance teams cut through the complexity. Whether you are screening Tier-1 suppliers; mapping raw materials; reviewing country-of-origin fields; or tracing extended supply chains, the goal is the same: identify where modern slavery risk is most likely to be present and focus your due diligence efforts there.

But the use of data is not an end in itself. It is a tool, one that allows companies to manage modernslavery risk in a scalable, defensible way. The real value comes when analytics drive action.

As a practical next step, start simple and improve over time:

• Review the materials, services, countries, and suppliers flagged as high risk under existing laws and databases.
• Assess whether your current systems and data fields (ERP, procurement, logistics) can support structured screening at the supplier, material, and geography level.
• Identify where third-party datasets, virtual mapping or screening platforms could close visibility gaps, especially for bills of materials and sub-tier suppliers.
• Bring together procurement, compliance, and sustainability teams to agree ownership of the process, and to align analytics with broader ESG or sourcing goals.

No company can eliminate all risk. But with clean data, clear priorities, and a well-structured analytics workflow, you can significantly reduce blind spots and build a stronger foundation for ethical sourcing.