Industries · Food & beverage manufacturing · UK
Supplier compliance for
UK food & drink makers.
Your approved supplier list is only as good as its most out-of-date entry.
UK law already requires every food business to run a food safety management system based on HACCP principles under the Food Safety and Hygiene (England) Regulations 2013. On top of that legal floor, buyers layer their own contractual requirements: a valid third-party certificate, current insurance, allergen declarations, traceability evidence and, increasingly, an ethical audit. Every one of those is a document with an issuing body, a scope and an expiry date, and every one of your own suppliers carries the same stack.
A mid-sized manufacturer can hold hundreds of supplier certificates that all expire on different dates. Missing or expired certificates on an approved supplier list are one of the most common non-conformances raised in BRCGS audits, and the failure is almost always a missed renewal date, not a genuine gap. Chasing PDFs by email does not scale, and it fails at exactly the moment an auditor asks to see it.
Keep the evidence in date, and chase itself.
Supplio does not run your audits or make your certification decisions. It removes the manual chasing and silent expiries that cause most non-conformances. Every capability below is a shipping feature.
Branded supplier portal
A self-service portal your suppliers log into, carrying your logo, accent colour and welcome message.
Supplier onboarding
Invite a supplier, send them onboarding forms, and review submissions in a queue where you approve or request changes.
Document store with expiry tracking
Store the documents suppliers upload, with expiry dates and automatic reminders as they approach.
Insurance & certificate expiry chasing
Track insurance policies and certificates by expiry, and chase suppliers automatically before they lapse.
Certification tracking
Record each supplier certification with its issuing body, issue and expiry dates, and live status.
CAPA with a supplier response loop
Raise a corrective action, assign it, let the supplier respond through the portal, then accept it or send it back.
Risk register with a 5x5 heatmap
Log supplier risks by likelihood and impact and see them on a clickable 5x5 heatmap.
Scope 3 carbon reporting
Collect supplier-declared emissions, apply emission factors, and export a Scope 3 inventory as CSV or PDF.
Immutable audit log
Every change is recorded in an immutable, filterable audit log you can export to CSV.
The compliance stack retailers expect.
Food safety certification: BRCGS, SALSA, FSSC 22000, HACCP
HACCP is the legal baseline for every UK food business. The certification schemes sit on top of it and are what buyers actually ask to see, and which one depends on your size and customer base.
- HACCP: a legal requirement for all UK food businesses, enforced by the FSA
- BRCGS Global Standard for Food Safety: the dominant GFSI-benchmarked standard in UK retail, now on Issue 9
- SALSA: the UK scheme for small and micro producers, recognised by major retailers
- FSSC 22000 is GFSI-recognised where plain ISO 22000 is not
Sources: BRCGS, SALSA, FSSC 22000. Checked 2 July 2026.
Approved supplier lists, allergens and traceability
Even with your own certification in place, you are accountable for the suppliers behind your products. BRCGS expects a documented approved supplier list with evidence that each supplier's status is current, plus watertight allergen and traceability controls.
- A written supplier approval procedure with valid certificates on file
- Confirmation each certificate's scope covers what you buy, plus re-evaluation
- Natasha's Law: all 14 regulated allergens emphasised, full ingredients on PPDS
- Traceability one step back and one step forward, evidenced on demand
Sources: FSA allergen labelling (PPDS). Checked 2 July 2026.
Ethical audits, modern slavery and expiry
Beyond food safety, buyers increasingly ask for evidence of ethical conduct and proof that every document you rely on is still valid. This is where compliance quietly decays, because certificates and insurance expire silently unless someone is tracking the dates.
- SMETA (Sedex) is the most widely used social audit format
- Modern Slavery Act s.54: an annual statement is required at £36m+ turnover
- Smaller suppliers are routinely asked to evidence their position anyway
- Expired certificates and insurance are a routine audit non-conformance
Sources: Sedex SMETA, Modern Slavery Act 2015 s.54. Checked 2 July 2026.
Food & beverage compliance, answered.
What is BRCGS, and do my suppliers need it?+
How do I manage supplier certificates and expiries without a spreadsheet?+
Is HACCP a legal requirement in the UK?+
What is the difference between ISO 22000 and FSSC 22000?+
Does Supplio run our food safety audits?+
See it against your own suppliers. Prices are on the website, in GBP.
Q1 evidence pack
Suppliers · Compliance · Scope 3
Two weeks from now you could be exporting a board-ready evidence pack instead of patching a v17 spreadsheet. Transparent UK pricing, Stripe-secured, cancel any time.
- UK-built · GDPR & UK DPA 2018
- Transparent GBP pricing · no hidden seats
- Founder-led UK support
