We aim to uphold good governance practices within our supply chain. We seek to procure from suppliers that meet our business objectives and align with our values, and we manage existing suppliers to verify compliance with our policies and contractual requirements.
Our Supplier Code of Conduct holds suppliers to the same ethical standards as our team members. The Supplier Code of Conduct has been incorporated into the Maxar contract templates. By accepting Maxar’s contract, suppliers agree to follow the Code. Our Compliance Team contracts with an independent third party to continuously monitor select existing suppliers for risks including those related to unethical conduct.
Maxar’s Cybersecurity Program protects the assets, data and information of our team members, business, customers and partners on our network. We strive to educate our supply chain on the importance of adhering to cybersecurity controls and solicit questionnaire responses from our partners and subcontractors regarding their security posture.
Our Supplier Code of Conduct and contractual terms and conditions set clear expectations for suppliers to protect our confidential, proprietary and personal information. We prohibit suppliers from using Maxar information for any purpose beyond the scope and purpose of the parties’ supply agreement. Suppliers must also respect the rights of third parties, including third-party intellectual property. Third-party risk is assessed prior to a supplier processing, storing or transmitting Maxar information.
Maxar expects suppliers will implement practices and procedures to ensure the security of their supply chain. Suppliers and their upstream suppliers who either ship directly or package goods for shipment must comply with all requirements of SAFE Framework security programs of the destination country. Such programs include, for example, the Customs-Trade Partnership Against Terrorism Initiative of the U.S. Department of Homeland Security and other Authorized Economic Operator programs.
We also expect suppliers to develop, implement and maintain methods and processes appropriate to their products and services to minimize the risk of introducing counterfeit parts and materials into deliverable products. Effective processes should be in place to detect counterfeit parts and materials, as well as to mark parts obsolete as appropriate.
Maxar’s suppliers are responsible for safeguarding and protecting all information provided by Maxar, as well as information generated or developed in support of Maxar programs, from unauthorized access, destruction, use, modification or disclosure. Critical suppliers must have risk-based cybersecurity programs designed to mitigate threats to their information systems, products, services and supply chains and to comply with all applicable contractual and legal requirements. Maxar requires suppliers to self-certify their status related to recognized standards.
We protect human rights across our company, and we expect the same of our partners, vendors and suppliers. Maxar’s policies, practices and procedures reflect a strong commitment to human rights as set forth in the United Nations Universal Declaration of Human Rights. As communicated in our Anti-Human Trafficking and Slavery Statement as well as our Human Rights Statement, we prohibit harassment, bullying, discrimination, use of child or forced labor or trafficking in persons for any purpose.
Maxar will not tolerate human trafficking, child labor or slavery in any part of our global organization or that of our suppliers. Additionally, Maxar expects suppliers to provide a healthy, safe and productive workplace where their team members and representatives are treated with respect, appreciation and dignity.
We recognize the value of working with diverse suppliers to promote resilience within our supply chain. Maxar abides by supply chain diversity requirements where applicable and expects the same of our suppliers. Most customer-directed supplier diversity goals necessitate the utilization of U.S. suppliers, both by Maxar and our suppliers. Consistent with customer contractual requirements, Maxar policies require maximum practicable opportunities to have small businesses participate in performing contracts under federally funded programs including businesses in the various socioeconomic categories: small disadvantaged businesses, women-owned small businesses, HUBZone small businesses, veteran-owned small businesses and service-disabled veteran-owned small businesses.
To help achieve our supplier goals, Maxar regularly participates in government-sponsored supplier and industry conferences and provides counsel for small businesses on the basics of government contracting and how they can become a qualified supplier for Maxar.
Maxar conducts due diligence to assess risks associated with third parties, including the third party’s ability to comply with global anti-corruption and anti-bribery laws, such as the Foreign Corrupt Practices Act, the UK Bribery Act, Canada’s Corruption of Foreign Public Officials Act and the OECD Anti-Bribery Convention.
During the supplier screening process, select third parties are required to submit business information via a SaaS‐based interface called Navex RiskRate. The information collected is used to better understand the risks associated with a potential supplier. For example, Maxar asks suppliers to identify if the organization conducts business in any Tier 1, Tier 2, or Tier 3 countries on Maxar’s Higher Risk Countries Annex. These countries are determined to have heightened exposure to compliance, security and human rights risks.
Once the supplier screening information is received by Maxar’s Compliance Office it will process the request and the third party must complete an online questionnaire. Upon receipt of submitted responses by the third party, Compliance will review a risk assessment report and apply risk-based criteria. Finally, the Compliance Office will advise of its recommended approval or denial based on risk. Due diligence renewals are based on risk. Higher-risk third parties should be reviewed annually while medium- to low-risk third parties should be reviewed prior to contract renewal.
The Maxar Compliance Office uses the RiskRate tool to continuously monitor available information on third parties for whom due diligence have been performed. If this monitoring reveals derogatory information about an approved third party, or if the Compliance Office acquires any other pertinent derogatory information, Maxar may initiate renewed due diligence checks under this procedure.