LockPath, a GRC solutions provider, is helping companies comply with the Security and Exchange Commission's recent conflict minerals rule through its Keylight Conflict Minerals platform.

As Compliance Week previously reported, the SEC issued a final rule in August 2012 requiring companies to publicly disclose their use of certain conflict minerals, including tin, tantalum, tungsten, and gold.

The rule, mandated by the Dodd-Frank Act, requires all public companies to submit an annual conflict minerals report to the SEC if these minerals are "necessary to the functionality or production" of a product they manufacture or contract to have manufactured.

Complying with the rule requires companies to track their entire supply chain back to the country of origin by aggregating data from multiple systems, assessing suppliers, and aggregating this data for their SEC filing. The rule applies to companies across a number of industries ranging from technology to healthcare, and retail to manufacturing. For instance, electronic devices such as cell phones and laptops often include these minerals, and clothing retailers frequently use tin as a stabilizing agent to make denim.

The problem: "The vast majority of businesses do not know whether or not companies in their supply chain use conflict minerals and are not prepared to meet the new reporting requirements," said Chris Caldwell, CEO of LockPath. With Keylight's Conflict Minerals Solution, companies can track their supply chains back to the source of the minerals, analyze the risk level of each third-party vendor, and report to the SEC on their conflict mineral status.

"By leveraging the Keylight solution for conflict mineral compliance, companies can engage suppliers early by providing their staff with the tools necessary to create and manage these assessments securely and successfully, and meet this upcoming deadline," Caldwell added.

Keylight's Conflict Minerals Solution enables its users to:

I. Issue and manage assessments

Present suppliers with policy and expectations before sending a formal assessment with an attached due date;

Manage the complete supplier assessment process by giving staff the tools to create and manage assessments, and providing suppliers with a secure extranet for answering assessments;

Gain complete visibility to the assessment process, including real-time metrics around assessment progress;

Segment suppliers by region, business unit or other methods under the notion that organizations have unique needs; and

Score supplier assessments to indicate the risk that conflict minerals are present in their products and create findings for companies to begin the remediation process;

II. Address high-risk suppliers

Automatically populate risks based on supplier surveys and allow your company to track remediation of high risk suppliers;

Analyze the risks that a company's suppliers present and determine next steps for remediation; and

Classify and schedule assessments for a company's entire supply chain and automatically issue assessments and follow-up assessments to suppliers.

III. Audit and report

Build, maintain and export various reports and dashboards for executive visibility and SEC reporting;

Maintain a complete history of due diligence activities; and

Refresh data in real-time so that as you are working with your auditors you can tweak information presentation and reports to suit their needs.

The solution can be integrated harmoniously with existing enterprise resource planning systems already established within a company, allowing for smooth supplier relationship management. Additionally, because the solution is built on three Keylight applications, companies can use the same tools to meet regulations outside of conflict minerals. Existing customers do not need to purchase a new solution, and new customers can make a smart investment towards future compliance needs.