What is Sedex and what does a SMETA audit actually prove?
Sedex is a data-sharing network. SMETA is an audit methodology. They are related but not the same thing. This guide explains how each one works, what a SMETA audit can and cannot demonstrate, and how both fit within EU sustainability compliance requirements.
This article is for informational purposes only and does not constitute legal advice. Consult a qualified legal professional for advice specific to your situation.
Two things that are often confused
Sedex and SMETA appear together in most supplier requests, which leads many suppliers to treat them as a single requirement. They are not. Sedex is a membership platform for sharing ethical trade data. SMETA is an audit methodology that can be used with or without Sedex membership. Understanding the difference matters because the obligations, costs, and outputs of each are distinct.
What Sedex is
Sedex is a non-profit membership organisation founded in 2004 by a group of UK retailers. Its purpose is to provide a shared platform where suppliers can upload their ethical trade data once and share it with multiple buyers, rather than completing separate assessments for each buyer relationship.
The Sedex platform holds two types of supplier data. The first is the Self-Assessment Questionnaire (SAQ), a structured questionnaire covering labour standards, health and safety, environment, and business ethics. The supplier completes the SAQ on the platform and updates it periodically. The second is audit reports, primarily SMETA audits, uploaded to the platform after they have been conducted.
When a supplier links to a buyer on the Sedex platform, that buyer gains access to the supplier’s SAQ responses and any audit reports the supplier has uploaded. The same data is then accessible to all other buyers the supplier is linked to. This is the core value proposition of Sedex: a supplier completes the process once and shares the output with many buyers, rather than responding separately to each one.
Sedex has approximately 90,000 members across 150 countries. It is most widely used in UK and European retail, food and beverage, apparel, and agriculture. UK supermarkets including Tesco, Marks and Spencer, and Sainsbury’s commonly require it, as do global food companies and fashion brands sourcing from Asia and Africa. It is the dominant platform in garment supply chains across South and Southeast Asia.
Buyer membership fees start at approximately £6,471 per year. Supplier membership is less expensive. Pricing varies by membership tier and company size.
What SMETA is
SMETA stands for Sedex Members Ethical Trade Audit. It is an audit methodology, not a platform. A SMETA audit is an on-site assessment conducted at a supplier’s facility by a qualified third-party auditor from Sedex’s approved list. The supplier selects and pays the auditor directly.
SMETA comes in two variants. The two-pillar version covers labour standards and health and safety. The four-pillar version adds environment and business ethics. Buyers specify which variant they require. The two-pillar version is more common, particularly in garment and food supply chains where labour conditions are the primary concern.
The audit follows a standardised methodology. The auditor reviews documentation, interviews workers, and inspects facilities against defined criteria. The resulting report is structured and detailed: findings are categorised as non-conformances at critical, major, or minor levels, or as observations and areas for improvement. The supplier receives the report and is expected to address findings within defined timeframes.
SMETA is the most widely used social compliance audit methodology in global supply chains. Its standardisation means that a single SMETA report, once uploaded to the Sedex platform, can satisfy the audit requirements of multiple buyers simultaneously. This reduces the burden of repeated audits from different buyers, which was a significant cost for suppliers before shared platforms existed.
The relationship between Sedex and SMETA
SMETA audits are typically uploaded to and shared through the Sedex platform, but the two are technically separable. A supplier can commission a SMETA audit from an approved auditor without being a Sedex member. The resulting report can be provided directly to a buyer who accepts SMETA reports outside the Sedex platform.
In practice, most buyers who require SMETA also require the report to be hosted on Sedex, because the platform provides standardised access and version control across their supplier network. If a buyer asks for a SMETA audit, it is worth clarifying whether they require it to be uploaded to Sedex or whether they will accept the report directly. The two are not identical requirements.
What a SMETA audit actually assesses
A SMETA audit assesses conditions at a specific facility at the time of the audit. The auditor reviews what they can observe, what documentation the supplier presents, and what workers say in interviews. The resulting report reflects a snapshot of conditions on the day or days the audit took place.
The scope of what a SMETA audit covers depends on the pillar variant:
The two-pillar audit covers labour standards (forced labour, child labour, working hours, wages, freedom of association, discrimination, disciplinary practices, and management systems) and health and safety (building safety, fire safety, machinery safety, chemical handling, sanitation, worker welfare, and health and safety management systems).
The four-pillar audit adds environment (environmental management systems, waste, emissions, water, energy, and legal compliance with environmental regulations) and business ethics (anti-corruption, anti-bribery, conflict of interest, and complaints mechanisms).
A finding-free SMETA report, or one with only minor observations, demonstrates that the auditor found conditions at your facility to be broadly consistent with the SMETA criteria on the day of the audit. It does not demonstrate that conditions are consistently maintained between audits, because that is something an annual or biennial audit cannot establish.
The structural weakness of the model
The most significant structural problem with SMETA is the auditor selection and payment model. The supplier chooses an auditor from Sedex’s approved list and pays them directly for the audit. The auditor’s commercial interest lies in being selected and paid by suppliers. An auditor with a reputation for producing stringent reports may receive fewer commissions than one with a reputation for producing favourable ones. This is a well-documented dynamic in social compliance auditing: the financial structure creates a systematic pressure toward leniency that independent commissioning would avoid.
This is not a criticism of individual auditors or of Sedex specifically. The same problem affects most social compliance audit schemes that use a buyer-commissioned model. It is a structural feature of the market, and it means that a finding-free SMETA report provides weaker assurance than it appears to, because the conditions under which auditors are engaged create an incentive not to find problems.
A second structural limitation is auditability itself. Preparing for an audit by coaching workers on how to respond to auditor questions, cleaning up facilities, and presenting temporary records of compliance are practices documented extensively in audit-heavy industries across Asia and elsewhere. An auditor can only assess what they observe. What happens in a facility on a regular working day, when no auditor is present, is not captured by an annual on-site assessment.
Sedex acknowledges these limitations. It describes itself as a data-sharing platform, not a compliance certification. The SMETA methodology is a tool for gathering and sharing information, not a guarantee of conditions.
What Sedex and SMETA do not cover
Sedex and SMETA were designed around social compliance concerns, primarily labour standards and working conditions. Their scope does not extend to the full range of obligations that EU sustainability regulation now imposes.
For CSRD, the most significant supply chain data requirement is greenhouse gas emissions data, specifically Scope 3 categories covering purchased goods and services. A SMETA audit does not collect this data. If your EU buyer is subject to CSRD and needs to report on value chain emissions, your SMETA report does not provide the information they need for that specific obligation.
For CSDDD, a SMETA audit covers some of the ground that due diligence requires, particularly the identification of labour-related adverse impacts. But CSDDD requires more than an audit snapshot. It requires documented processes for identifying actual and potential adverse impacts, evidence of preventive and corrective action, a functional complaints mechanism accessible to workers and affected communities, and ongoing monitoring with documented outcomes. A SMETA audit contributes evidence toward some of these elements but does not constitute a CSDDD-compliant due diligence programme on its own. The remediation and monitoring obligations that CSDDD requires are not satisfied by a periodic audit.
For EUDR, neither Sedex nor SMETA addresses the specific documentation requirements: geolocation data for land plots, evidence of no deforestation after December 2020, and the due diligence statements required for covered commodities. These are entirely outside the scope of both platforms.
Who requires Sedex and SMETA
The buyers most likely to require Sedex membership and SMETA audits are UK and European retailers, food companies, and apparel brands with complex global supply chains. The requirement is most common in industries where labour conditions at production facilities are the primary sustainability concern of the buying organisation.
For UK retailers, Sedex membership and SMETA audits have been standard practice for over a decade. For European fashion brands and food companies, the requirement has become more widespread as CSRD and CSDDD have increased pressure on procurement teams to document their supplier assessment processes.
The frequency of audit requirements varies. Some buyers accept SMETA reports up to 18 months old. Others require annual audits. The buyer typically specifies the required frequency and pillar variant in their supplier code of conduct.
If you receive a Sedex or SMETA request
If your EU buyer has asked you to join Sedex or commission a SMETA audit, the first step is to clarify exactly what they require. The specific questions to ask are: which pillar variant of SMETA they need (two-pillar or four-pillar), whether they require the audit report to be uploaded to Sedex or whether they will accept it directly, how recently the audit must have been conducted to be acceptable, and whether there is a preferred auditor or whether any auditor from Sedex’s approved list is acceptable.
Once requirements are clear, completing the SAQ accurately is the starting point. The SAQ is self-reported and requires no third-party involvement, but it creates a baseline record on the platform that your linked buyers can see. Completing it carefully and honestly is more useful than completing it quickly, because inconsistencies between your SAQ responses and your SMETA audit findings will be visible to buyers comparing the two.
For the SMETA audit, selecting an auditor with experience in your industry and geography is worth the additional research. Audit quality varies. An auditor familiar with your sector and region will conduct a more meaningful assessment than one who is not, which benefits your own understanding of your compliance position as well as the report you share with buyers.
The compliance question that neither answers
A SMETA audit tells you and your buyers how conditions at your facility compared to the SMETA criteria on the day of the audit. A Sedex membership gives multiple buyers access to that assessment through a shared platform.
Neither answers the question of whether your operations comply with the specific requirements of EU sustainability law. CSRD, CSDDD, and EUDR impose obligations that were not designed around the Sedex framework. A supplier who has a current SMETA report and an active Sedex membership may still have significant gaps in their compliance position under EU law, particularly on emissions data, deforestation documentation, and the operational due diligence requirements of CSDDD.
Understanding those gaps requires starting from the legislation, not from a platform framework built for social compliance auditing in retail supply chains.
A detailed explanation of what CSDDD requires from supply chain participants is available here: CSDDD explained: what the corporate sustainability due diligence directive means for supply chains.
Verdandi monitors EUDR, CBAM, CSRD, CSDDD and more continuously — so non-EU businesses touching EU markets are working from current requirements as deadlines, benchmarks, and scope thresholds change. Start for free.
This article is part of a series on the supply chain sustainability platform landscape. See also: EcoVadis vs Sedex: which one does your EU buyer actually need?.
Subscribe for news updates.
The EU Deforestation Regulation creates specific documentation requirements for cocoa producers and exporters supplying the EU market. This article explains what is required, where the practical difficulty lies, and what suppliers in Ghana, Ivory Coast, Indonesia, and beyond need to prepare.