“How well do we know our suppliers?” This is a frequent question among procurement and sustainability teams, but it often avoids the deeper and more threatening aspects of the issue. This is mostly because their progress of keeping scorecards, questionnaires, or supplier codes of conduct stops where their direct suppliers are involved. In reality, the risk sits deeper than the Tier 1 suppliers, with those ones invisible, namely Tier 2, Tier 3, and beyond.
Most of the hidden upstream exposure, such as labor violations, a major portion of scope 3 emissions, or unsafe chemical use, is concentrated in these tiers, as organizations are not regularly monitoring their full supplier network, causing serious supply chain disruption.
Nonetheless, as soon as procurement and sustainability teams shift their focus to greater accountability, they can achieve increased visibility in a practical manner without swamping the business.
Before getting to the how-to-do-it, it’s important to understand why the blind spot for Tier 1 Suppliers matters and why it’s harder to close than most businesses assume.
Talking about visibility in a supply chain means that organizations do understand and monitor their direct suppliers and involve suppliers to their tier 1 suppliers as well as further upstream entities involved in producing materials or services (tier 3).
When it comes to reporting, many companies have the perception that they are ready, but this is not reflected on the data. According to Ecovadis, 95% of companies have visibility into their Tier 1 suppliers, but the figure drops to just 42% for Tier 2 and beyond, and Tier 3 remains largely opaque for most organizations. Although there are sustainability policies in place and awareness of how important ESG factors are in the purchasing decisions, actions and data are limited to just a fraction of the supply base.
Sustainability risks emerge in parts of the supply chain where the view is not manageable. At least it appears to be weaker. These include forced labor, unsafe working conditions, deforestation, and environmental degradation, which usually occur deeper in the chain. If we add Scope 3 emissions, the picture is reinforced. Although it is documented by now how scope 3 emissions surpass (almost 26 times greater) the company’s direct operational emissions, the percentage of the businesses actually measuring them is still lower than 50%. The largest carbon stories are written in the hidden parts.
This lack of an active systemic process to map and monitor the entire supplier network explains the disruptions and upstream exposure. So, under the business radar, more environmental incidents, labor violations, and material shortages take place beyond Tier 1 suppliers. But by the time they surface, the damage—reputational, operational, or financial—is already in motion.
It is genuinely accepted that extending visibility across the full supply chain network, beyond Tier 1 suppliers, is significantly difficult. However, following up with random solutions can only work as a bandage, so it is wise for businesses to consider the hard aspects on time.
Usually, sub-tier suppliers are not positive in sharing information mainly because they are worried about exposing proprietary or competitive data or that buyers may bypass existing relationships. A long-built-in mentality still suggests that being transparent is the opposite of being protected.
In addition to pushback from suppliers, the problem is structural. For most organizations, there is no legal influence for Tiers 2 and 3. Data requests have to be controlled; they slow things down and make the data less good; ongoing insight is not feasible. Annual questionnaires sent to direct suppliers tell you very little about what is happening two or three steps upstream, and by the time results are reviewed, the picture has already changed.
Most of the time, the problem lies in the failure to establish the appropriate infrastructure and methods, which require time to be tested and improved, rather than in the willingness to commit.
Regulations have been introduced to eliminate the opportunity for inaction, making it crucial to begin understanding the barriers rather than using them as excuses. Then the path to more profound visibility will be easier.
Many organizations have been waiting for clearer guidance before acting, but time is not on their side. The EU Corporate Sustainability Due Diligence Directive—CSDDD or CS3D for short—is the most important piece of supply chain legislation to come along in recent years, and its direction of travel is clear: companies will be held accountable for what happens across their value chains, not just within their own operations.
At its core, CS3D requires in-scope companies to actively identify, prevent, and mitigate human rights and environmental risks throughout their supply chain activities and to demonstrate that they have done so. Unlike reporting frameworks that ask companies to disclose sustainability information, CS3D requires businesses to act, making it a directive about operational change, not just transparency.
The final text of the Omnibus I Directive, which introduced significant amendments to CS3D, was published in the Official Journal of the EU in February 2026, narrowing the scope and adjusting thresholds. The revised directive now applies to companies with more than 5,000 employees and a net turnover above €1.5 billion. Non-EU companies meeting equivalent turnover thresholds in the EU market are also in scope. Formal compliance is required starting July 2029.
This date may seem far away, but it is not, as EU Member States are now transposing CS3D into national legislation and have until July 2026 to do so. This is a sign of how the legislative framework is being integrated into domestic legal systems today. Supplier mapping, risk assessment methods, and due diligence documents all require a lot of time to get right. Think about 2029 as the finish line, and chances are that many organizations ignoring it will be caught flat-footed.
For procurement teams specifically, the practical implication is clear: they must build visibility beyond Tier 1 suppliers, which is no longer a strategic ambition. For a growing number of organizations, it is a legal requirement in the making.
It is not any easy task to manage visibility in the whole supply chain. It requires time and effort and mostly knowing where they should start their focus.
A few paragraphs cannot encompass a complete guide for transformation, but there are useful steps to consider as an initial direction.
1. Map by risk, not by volume.
Assess risks first, so target the suppliers that are more likely to be linked to these. Map your most material spending categories and identify which carry the greatest risk based on geography, commodity type, or industry sector. A supplier representing a modest share of spend but sourcing from a high-risk region warrants more scrutiny than a high-volume, low-risk relationship. Not every product line needs Tier 4 visibility. Focus resources where exposure is greatest.
2. Move from self-reported data to primary evidence
Most organizations currently rely on supplier-completed questionnaires as their primary source of sustainability data. This is a reasonable starting point at Tier 1, but it loses reliability quickly as you move upstream. Rather than accepting industry averages, engage directly with high-risk suppliers and request primary emissions and performance data. The quality of your decisions is only as good as the quality of your inputs.
3. Replace annual reviews with continuous monitoring.
A point-in-time assessment tells you what a supplier looked like on the day they completed a form. Moving from static annual assessments to real-time monitoring allows organizations to anticipate upstream risk before it affects production, margins, or regulatory exposure—rather than discovering it after the fact. This shift does not have to happen all at once; prioritize continuous monitoring for your highest-risk supplier relationships first.
4. Build supplier capability, don’t only audit it.
Auditing identifies problems. It does not solve them. Supplier enablement—through training, incentivization, collaboration, and shared data is what drives coherence and real impact across the value chain. Suppliers who know what is expected of them, and who have the tools to meet those expectations, are more likely to deliver meaningful progress than those who only encounter their buyers during audits.
None of these steps requires a full technology overhaul to begin. What they need is a conscious choice to view supply chain visibility as a continuous management practice, rather than just a yearly task to check off and forget.
The gap between sustainability intent and supply chain reality is a structural problem, not a communications one. Going deeper means learning first how to identify and evaluate ESG risks in supplier chains so you can move then into building transparent and circular supply chains through collaboration and innovation. Our accredited course on Sustainable Supply Chain Management is a fast and operational toolkit for teams ready to move beyond Tier 1 suppliers and get prepared for how rules like CSRD and CSDDD will impact their supply chain management.
