Foreign Suppliers: What Happens When You Skip Due Diligence and Risk Rating? - Lesson From the Mattel/ Fisher-Price’s 100M case
Supply chain compliance looks simple on paper. You send a list of approved vendors. You ask for certifications. You check a box. But what happens past the first tier — where you can’t see, audit, or control what your supplier’s supplier is doing?
The Mattel case is a clear answer to that question.
But one subcontractor quietly switched to an unapproved supplier to cut costs. Lead content in some toys was over 180 times the legal limit. Mattel didn’t know. No one was checking past the first tier.
Paper compliance without real visibility can become a multimillion-dollar trap.
Why This Matters More Now
The Mattel story is from 2007. But the legal landscape around foreign supplier accountability has only become more demanding.
Global disruptions pushed companies toward reshoring and supply diversification. But trade compliance grew more complex in parallel.
Here is what the current legal environment looks like:
•UFLPA (Uyghur Forced Labor Prevention Act), enforced since June 2022, flipped the burden of proof. Products made in the Xinjiang Uyghur Autonomous Region are legally presumed to violate U.S. law unless you can prove otherwise — with documentation, across every tier of your supply chain.
•Courts are paying attention. In Limbu & Ors v Dyson Technology Ltd [2023], Nepali and Bangladeshi workers sued Dyson in UK courts over labor abuses by a Malaysian supplier.
What Does Supplier Risk Rating Actually Mean?
From what established frameworks suggest — risk rating a foreign supplier usually breaks down into tiers.
🟢 Low Risk
Established supplier. Audited. Stable jurisdiction. Documented compliance history. Even at this tier, thorough contract structuring and ongoing monitoring are essential.
🟡 Medium Risk
New supplier. Moderate-risk country. Limited audit trail. Questionnaire, desk review, and contract protections are advised.
🔴 High Risk
Unknown beneficial owners. Sanctions-adjacent jurisdiction. Subcontracting likely. On-site audit, legal review, and strong contractual indemnities are needed.
⚫ Critical Risk
Sanctions exposure. Forced labor red flags. No compliance documentation. Reconsider the relationship entirely.
Established Frameworks Worth Knowing
Several well-established frameworks guide due diligence. These are worth knowing before you are in a dispute.
•OECD Due Diligence Guidance for Responsible Business Conduct — adopted in 2018, updated in 2023. This is the global gold standard: the first government-backed reference on due diligence applicable across all industries and countries. It covers labor rights, human rights, environment, bribery, and consumer interests throughout your supply chain.
•UN Guiding Principles on Business and Human Rights (UNGPs) — unanimously endorsed by the UN Human Rights Council in 2011. These define the corporate responsibility to identify, prevent, and mitigate adverse impacts across operations and supply chains.
•Risk-Tiered Supplier Assessment Frameworks — procurement-focused frameworks used by compliance programs globally. These typically follow a six-stage cycle: scope → assess → score → decide → remediate → report. The key is matching your assessment depth to the actual risk level of each supplier.
Questions to Ask Before You Choose a Supplier
These are not legal advice. But they are questions that frequently arise in supply chain disputes.
•Who actually owns this supplier? Can you identify the beneficial owner? Beneficial owner structures matter in sanctions analysis.
•Does the supplier subcontract? To whom? This is exactly where Mattel’s problem was hidden.
•What licenses does the supplier hold — and are they current? Lapsed licenses and regulatory violations are common red flags.
•Is the supplier on any sanctions list? OFAC’s SDN list is a starting point, but not the only one.
•What does your contract say about subcontracting, quality standards, and indemnification? Silence on these points is a problem.
•Are your compliance representations actually verified — or just documented on paper?
•What is the dispute resolution mechanism if something goes wrong? Which jurisdiction, which law?
What’s at Stake Legally
As the Mattel case taught, the risk of a failed due diligence can create multi-million liability exposure of class actions, product defects, reputational damages,delivery failures, customs holds, operational disruptions, and cash liquidity crisis.
A one-size-fits-all approach to due diligence is ineffective and legally dangerous. Companies that treated every supplier the same — regardless of country, tier, or complexity — ended up with the weakest contracts exactly where they needed the strongest ones. Supply chain due diligence is no longer just a procurement function. It has become a legal one.
Closing Thought
The Mattel situation wasn’t caused by bad intentions. It was caused by a system that looked fine on paper but had no real visibility past the first tier.
What does your system look like past the first tier?.
Disclaimer: This blog post is not legal advice. It is for informational purposes only. Reading this content does not create an attorney-client relationship. Consult with a licensed attorney to address your specific issues. Do not act upon this information without seeking professional legal counsel. IB Law Firm does not endorse any of the cited sources and is not responsible for the content of linked resources