Skip to content

Industries · Food & beverage manufacturing · UK

Supplier compliance for UK food & drink makers.

Your own certificate is only half the picture. The moment you supply a retailer, you inherit their supplier-approval demands too: valid certificates, current insurance, allergen and traceability evidence, and an audit that can land at any time. Supplio keeps that stack in date and audit-ready.
The reality

Your approved supplier list is only as good as its most out-of-date entry.

UK law already requires every food business to run a food safety management system based on HACCP principles under the Food Safety and Hygiene (England) Regulations 2013. On top of that legal floor, buyers layer their own contractual requirements: a valid third-party certificate, current insurance, allergen declarations, traceability evidence and, increasingly, an ethical audit. Every one of those is a document with an issuing body, a scope and an expiry date, and every one of your own suppliers carries the same stack.

A mid-sized manufacturer can hold hundreds of supplier certificates that all expire on different dates. Missing or expired certificates on an approved supplier list are one of the most common non-conformances raised in BRCGS audits, and the failure is almost always a missed renewal date, not a genuine gap. Chasing PDFs by email does not scale, and it fails at exactly the moment an auditor asks to see it.

How Supplio helps

Keep the evidence in date, and chase itself.

Supplio does not run your audits or make your certification decisions. It removes the manual chasing and silent expiries that cause most non-conformances. Every capability below is a shipping feature.

Branded supplier portal

A self-service portal your suppliers log into, carrying your logo, accent colour and welcome message.

Supplier onboarding

Invite a supplier, send them onboarding forms, and review submissions in a queue where you approve or request changes.

Document store with expiry tracking

Store the documents suppliers upload, with expiry dates and automatic reminders as they approach.

Insurance & certificate expiry chasing

Track insurance policies and certificates by expiry, and chase suppliers automatically before they lapse.

Certification tracking

Record each supplier certification with its issuing body, issue and expiry dates, and live status.

CAPA with a supplier response loop

Raise a corrective action, assign it, let the supplier respond through the portal, then accept it or send it back.

Risk register with a 5x5 heatmap

Log supplier risks by likelihood and impact and see them on a clickable 5x5 heatmap.

Scope 3 carbon reporting

Collect supplier-declared emissions, apply emission factors, and export a Scope 3 inventory as CSV or PDF.

Immutable audit log

Every change is recorded in an immutable, filterable audit log you can export to CSV.

What you have to manage

The compliance stack retailers expect.

Food safety certification: BRCGS, SALSA, FSSC 22000, HACCP

HACCP is the legal baseline for every UK food business. The certification schemes sit on top of it and are what buyers actually ask to see, and which one depends on your size and customer base.

  • HACCP: a legal requirement for all UK food businesses, enforced by the FSA
  • BRCGS Global Standard for Food Safety: the dominant GFSI-benchmarked standard in UK retail, now on Issue 9
  • SALSA: the UK scheme for small and micro producers, recognised by major retailers
  • FSSC 22000 is GFSI-recognised where plain ISO 22000 is not

Sources: BRCGS, SALSA, FSSC 22000. Checked 2 July 2026.

Approved supplier lists, allergens and traceability

Even with your own certification in place, you are accountable for the suppliers behind your products. BRCGS expects a documented approved supplier list with evidence that each supplier's status is current, plus watertight allergen and traceability controls.

  • A written supplier approval procedure with valid certificates on file
  • Confirmation each certificate's scope covers what you buy, plus re-evaluation
  • Natasha's Law: all 14 regulated allergens emphasised, full ingredients on PPDS
  • Traceability one step back and one step forward, evidenced on demand

Sources: FSA allergen labelling (PPDS). Checked 2 July 2026.

Ethical audits, modern slavery and expiry

Beyond food safety, buyers increasingly ask for evidence of ethical conduct and proof that every document you rely on is still valid. This is where compliance quietly decays, because certificates and insurance expire silently unless someone is tracking the dates.

  • SMETA (Sedex) is the most widely used social audit format
  • Modern Slavery Act s.54: an annual statement is required at £36m+ turnover
  • Smaller suppliers are routinely asked to evidence their position anyway
  • Expired certificates and insurance are a routine audit non-conformance

Sources: Sedex SMETA, Modern Slavery Act 2015 s.54. Checked 2 July 2026.

Food & beverage compliance, answered.

What is BRCGS, and do my suppliers need it?+
BRCGS (the Global Standard for Food Safety, currently Issue 9) is a GFSI-benchmarked food safety certification widely required by UK retailers. Whether a given supplier needs it depends on your customers' supplier-approval requirements and the product's risk. Some buyers accept SALSA for small producers or FSSC 22000 as an equivalent GFSI-recognised standard. The practical rule is to confirm each supplier's certificate is valid, that its scope covers what you buy, and that it has not expired.
How do I manage supplier certificates and expiries without a spreadsheet?+
Hold each certificate in a central store that records its issuing body, scope and expiry, and set automatic reminders ahead of renewal. Supplio's document store tracks expiries and sends automatic reminders at 30 and 7 days, and suppliers upload renewals themselves through a branded portal, so your approved supplier list stays current without manual chasing.
Is HACCP a legal requirement in the UK?+
Yes. Every UK food business must operate a food safety management system based on HACCP principles under the Food Safety and Hygiene (England) Regulations 2013, enforced by the Food Standards Agency. Certification schemes such as BRCGS and SALSA build on that legal baseline; they do not replace it.
What is the difference between ISO 22000 and FSSC 22000?+
ISO 22000 is a food safety management-system standard but is not GFSI-recognised on its own. FSSC 22000 builds on ISO 22000, adds sector-specific requirements such as food defence and food fraud prevention, and is GFSI-recognised. If a customer requires a GFSI-benchmarked standard, FSSC 22000 qualifies where plain ISO 22000 does not.
Does Supplio run our food safety audits?+
No. Supplio does not perform audits, inspections or lab testing, and it does not issue certificates. It is the system of record that keeps supplier certificates, insurance and specifications in date, chases renewals automatically, manages corrective actions with suppliers, and keeps an exportable audit log. Your audits and certification decisions stay with you and your certification body.

See it against your own suppliers. Prices are on the website, in GBP.

Export · Q1 pack

Q1 evidence pack

Suppliers · Compliance · Scope 3

247 suppliers·412 audit events·87% Scope 3
Ready
Stop the spreadsheet. Start the workspace.

Two weeks from now you could be exporting a board-ready evidence pack instead of patching a v17 spreadsheet. Transparent UK pricing, Stripe-secured, cancel any time.

See transparent pricing
  • UK-built · GDPR & UK DPA 2018
  • Transparent GBP pricing · no hidden seats
  • Founder-led UK support