World Cup soccer is just around the corner and I can look forward to being bombarded with news about a sport I know nothing about. It is really hard to ignore, however, given the large numbers of people who follow soccer. Trying to bury my head in the sand is not a good strategy so I did some research and found an article at dummies.com to help me better understand the upcoming event. Compliance strikes me as having similar traits to FIFA World Cup. It is mostly driven by international elements and there are large numbers of people who are moving towards enhancing and increasing regulation governing the materials that are used for product development and finally it is getting harder and harder to ignore it. Intel announced their intention to move away from Conflict Minerals and NPR actually dedicated an entire broadcast to the topic. Over the past six to nine months we have found that an increasing amount of companies are starting to consider more sophisticated strategies to deal with what seems to be a never ending stream of compliance regulations. These companies are forced to reconsider how they deal with the increasing overhead of satisfying regulatory agencies and their appetites for data. Product Lifecycle Management (PLM) applications seem to be a logical resource to leverage in providing automation for these compliance standards. This article will review our approach to educating our clients on how best to utilize PLM as a means to alleviate the costs and time associated with compliance for regulatory standards like RoHs, REACH, and Conflict Minerals.

I did actually google compliance for dummies and there is a book titled Information Governance for Dummies. I am sure it is a fine and helpful book but I doubt it mentions much about PLM systems or how they can be leveraged to assist with reporting for compliance. Most of the major PLM tools now have some sort of compliance module or claim to support compliance through functions in their core system. I checked AgilePLM, Enovia, TeamCenter, Windchill , and even Arena and all had information on how their applications provide functionality for compliance. Typically, when we talk about compliance there are two types for product development. If you are a Life Sciences company you have FDA Part 11 compliance. This is very specific and only applies to companies that manufacture medical devices or pharmaceuticals. Most companies are more concerned about material compliance which is associated with regulations like RoHs and REACH and most recently Conflict Minerals. Before we further discuss PLM’s ability to assist with compliance, let’s better define the current regulations and what they are.

RoHS or the Restriction of Hazardous Substances Directives, which is actually short for the restriction of the use of certain hazardous substances in electrical and electronic equipment, was adopted in February of 2003 by the European Union. It specifies six hazardous materials that can be particularly damaging to humans and the environment if not handled correctly. When these regulations first came out there was a lot of buzz around them since they were some of the first all-encompassing regulations for product development. Some companies got caught by surprise and there were high profile enforcement events that were fairly expensive for the offending companies. But for the most part the best way to address these standards was to make sure your products didn’t use the six substances listed in the regulation. The offending substances were Lead, Mercury, Cadmium, Hexavalent chromium, Polybrominated biphenyls and Polybrominated diphenyl ethers. Supply chains quickly adapted and in fairly short order it was a pretty straightforward exercise to manufacture products without these materials. The anticipated need for PLM systems to manage material in this situation never materialized.

REACH or Registration, Evaluation, Authorization, and Restriction of Chemicals came out of the EU in 2006. This standard is a little trickier to comply with than RoHS. First, it changes frequently. The list of chemicals is adjusted based on the decisions of the governance committee that oversees the regulation. Second, the number of substances is substantially more than RoHS’ six. REACH has 168 (as of 01 January 2016) substances of very high concern (SVHC). Finally, the standard does not ban the substances outright. It introduces reporting requirements if your product contains an SVHC substance above a certain threshold value. Besides reportable SVHC substances, REACH also maintains a list of authorized substance whose use is granted on a per company basis and a set of restricted substance. The nature of this standard makes it much more appropriate for leveraging a PLM solution to assist with compliance. Unfortunately, when the standard came out most of the PLM solutions lacked the rollup capabilities needed to calculate substance amounts. This has been remedied in most PLM solutions including Oracle’s Agile Product Governance and Compliance module. Most companies that are hoping to export into the European Union now must comply with this regulation. Moreover other countries and even some US states are starting to adopt similar legislation. The reason a PLM tool is useful for this type of regulation is that you already have the parts list or bill of material. Attaching specific material attributes to this list along with the ability to calculate amounts would seem like a natural function for PLM. The difficult piece is once the items start shipping into different countries. This aspect is usually under the auspices of an ERP system. We have worked with companies that use both PLM and ERP to assist with their compliance reporting.

The final and most recent of the high profile compliance regulations is Conflict Minerals. This regulation is actually US based and has more direct impact on companies here in the states. The law was piggybacked into the Dodd-Frank Wall Street Reform and Consumer Protection Act when the standalone version died in committee. The Security and Exchange Commission is the enforcement agency and the details are still being worked out. The intent is to discourage the use of minerals sourced from areas controlled by warlords in the Democratic Republic of Congo that use the proceeds generated from the sales to inflict more pain and suffering on those they oppress. It is also meant to take away the incentive for these warlords to seize mines and enslave local populations. As with REACH the law does not outlaw the use of any substances it merely wants the use of these minerals documented and the sources of the minerals reported. The minerals are Columbite-tantalite, Cassiterite, Wolframite, Tin, Tungsten, Tantalum, and Gold. The law applies to any of these minerals that originate from the Democratic Republic of Congo and 9 adjoining countries in East Africa including Angola, Burundi, the Central African Republic, the Congo Republic, Rwanda, Sudan, Tanzania, Uganda and Zambia. This regulation is aimed at both US Based and Foreign Companies but it mainly concerns any company that is publicly held due to the due diligence reporting required as part of their annual reports to the SEC. The reporting requirements will rapidly migrate down the supply chain to companies not publicly listed and to foreign companies. Again, PLM can be useful in documenting the supply chain for any materials included in BOMs for designs. There are issues with gathering this information in an efficient way since this type of data is not necessarily tracked in the supply chain like other information. Most PLM tools are still playing catch-up to this regulation and lack some needed functionality to fully address the requirement.

This leads to a philosophical discussion about compliance. The strategy of trying to build in specific functionality for regulation in the PLM system is really a flawed approach. The development cycles for most PLM tools are in the 2-3 year range for new functions and new regulations are popping up at an increasingly frequent rate. Moreover, the time and money a company would spend trying to tailor a system to address a specific regulation could be substantial and given the climate things could change before they even finished. Oracle has also recognized this trend and has started to develop their compliance module as more of a platform that can be leveraged for various regulations rather than specific laws. The common elements among compliance regulations are the need for specific attributes with the ability to calculate and report amounts. Additional specific workflows and object types also prove useful. The reports for this area are also more specific to the needs for satisfying auditors or external agencies. We have also added import capabilities to this additional functionality. Zero Wait-State developed an application called LoadState that allows you to import information directly from suppliers and part aggregators, like Total Parts Plus, straight into the compliance module. We demonstrated this with Sub-Zero/Wolf at the Value Chain Summit. The key is recognizing that having a system in place for addressing compliance is a better strategy than depending upon brute force staffing to deal with the issue. A system for compliance needs to be integrated in with the enterprise so that information on parts list and manufacturing suppliers can be leveraged for compliance automation. Stand-alone systems would require redundant entry of data and would not scale with the enterprise. PLM is ideally suited for compliance because of the information it captures, so it makes sense that PLM vendors have developed this module and are working to incorporate compliance into their overall PLM offerings.

Much like FIFA World Cup, compliance is coming whether you like it or not. Exemptions are expiring and new regulations are coming. If you managed to avoid the issue, it won’t last forever. While the information here is far from comprehensive hopefully like the World Cup for Dummies article I found it will give you enough information to better explore your company’s options going forward. PLM is a great tool to assist with compliance and should be part of your strategy for 2016. Having an overall platform that can address both present and future needs around compliance should be a key business initiative for 2016, if you have not already put plans in place. 

[Edit: Repost from 2014 updated]