China Supplier Verification Checklist

Assign supplier checks to clear owners, require dated evidence for each handoff, and preserve conditional, unresolved, and expired results.

A supplier checklist is useful only when another person can see who checked each issue, what evidence was attached, which exception remains open, and what decision the result supports. A page of untethered check marks does not provide that handoff.

Use this checklist as a control sheet. Adjust depth to the product, country rules, order value, payment exposure, intellectual property, safety, labour, environmental, and continuity risks.

Procurement coordinator completing a physical supplier checklist beside a five-section evidence file
Every completed item should point to an owner, dated evidence, and a defined next decision.

Before the checks: define the assignment

Owner: sourcing requester or category manager.

Attach: a transaction card stating product or service, quantity, estimated annual and first-order value, deposit, payment terms, intended supplier role, destination, required delivery date, critical specifications, regulated uses, IP exposure, and why the supplier was selected.

Do not hand off if: the team cannot say what role it expects the Chinese company to perform or what commitment the review is meant to approve.

The OECD's due-diligence framework is risk-based and expects businesses to adapt work to the relevant context rather than attempt everything everywhere at once. Read the official guidance. ISO 20400 likewise places sustainability within the procurement decision and process. See the standard overview.

1. Identity packet

Owner: supplier onboarding or due-diligence reviewer.

  • Chinese legal name and Unified Social Credit Code confirmed from a current record;
  • business licence matched to the record, with company type, status, address, representative, capital, scope, and establishment date captured;
  • English names, brands, former names, website, email domain, invoice name, and related entities mapped rather than merged;
  • seller, factory operator, exporter, invoice issuer, contract party, and proposed beneficiary listed separately; and
  • query date, source, report version, and unresolved candidate matches preserved.

Attach: company report, licence copy, name-and-role map, and source record.

Do not hand off if: the intended contract party is still identified only by an English name or several Chinese candidates remain plausible. SAMR's current measures confirm the core licence and registration fields used in this packet. Review the registered fields.

2. Capability packet

Owner: engineering, quality, technical buyer, or qualified service owner.

  • product specification, drawing revision, approved sample, and acceptance method defined;
  • factory operator and exact site linked to the seller;
  • critical equipment, people, process, materials, test method, and subcontracting identified;
  • capacity claim reconciled with cycle time, shifts, yield, load, and lead time; and
  • product-specific licences, standards, test reports, certification scope, and expiry reviewed where required.

Attach: technical assessment, sample result, site or audit evidence, process map, and open corrective actions.

Do not hand off if: the supplier cannot identify who performs a critical process or the evidence relates to a different product, site, or entity. Use the manufacturer verification guide for the detailed evidence stack.

3. Risk and responsible-sourcing packet

Owner: compliance, responsible sourcing, security, privacy, environmental health and safety, or other designated specialist.

  • current public legal, enforcement, regulatory, and operating signals reviewed in context;
  • ownership, control, intermediaries, conflicts, and required restricted-party screening completed under applicable policy and law;
  • labour, human-rights, environmental, anti-bribery, data, security, and traceability questions scoped to the product and supply chain; and
  • each finding has an owner, mitigation, due date, evidence requirement, and escalation rule.

Attach: screening record, risk assessment, supplier response, mitigation plan, and specialist sign-off.

Do not hand off if: a mandatory restriction is unresolved or a material impact has no approved action. The U.S. International Trade Administration also treats due diligence as continuing work, not a one-time partner search. See its partner-risk overview.

4. Contract packet

Owner: legal or authorised contract reviewer.

  • contract party matches the approved Chinese entity and authorised signing method;
  • specification, quality, inspection, tooling, IP, confidentiality, subcontracting, delivery, warranty, recall, refund, and document duties are assigned;
  • price, currency, taxes, Incoterm, transfer of risk, payment milestones, and beneficiary rules are consistent across attachments; and
  • governing law, dispute process, notices, language priority, and termination controls receive appropriate review.

Attach: approved contract, schedules, redline record, authority evidence, and exception approval.

Do not hand off if: the approved supplier and signed counterparty differ without a reviewed arrangement. Follow the pre-contract evidence chain for the full method.

5. Payment packet

Owner: accounts payable, treasury, or finance controller independent of the requester.

  • invoice issuer and beneficiary names mapped to the contract and approved role structure;
  • bank details obtained through an approved channel and independently confirmed;
  • currency, country, deposit, milestones, refund rights, and payment reference match the contract;
  • new or changed instructions trigger a fresh hold and callback; and
  • maker, checker, and final releaser are recorded according to internal authority limits.

Attach: beneficiary verification, invoice reconciliation, callback record, milestone evidence, and payment approval.

Do not release funds if: an entity mismatch, changed account, unusual urgency, or missing approval remains. Use the bank-beneficiary workflow rather than a checkbox alone.

6. Decision and acceptance packet

Owner: delegated business approver; later, the named goods or service acceptance owner.

  • decision recorded as approved, conditional, held, or rejected for this defined transaction;
  • open conditions have owners, deadlines, and a rule for blocking the PO, payment, production, or shipment;
  • supplier, product, site, contract, and evidence version are named;
  • incoming, in-process, pre-shipment, or service acceptance criteria are tied to the contract; and
  • change triggers and next review point are recorded.

Attach: approval memo, exception register, acceptance record, nonconformance record, and closure evidence.

Do not mark “approved supplier” without scope: state the product, site, value, period, and conditions covered. China's Ministry of Finance requires contract-based acceptance, signed records, and evidence retention in its government-procurement context. Read the process-control guidance. A private overseas buyer is not governed by that document, but the ownership and record lesson is useful.

Use statuses that preserve uncertainty

Give each item one of five states: passed, conditional, unresolved, not applicable, or expired. Require a reason and approver for “not applicable.” Never convert missing evidence into a pass merely to complete the sheet.

The minimum payment gate is summarized in Verify a Chinese Company Before Payment. The broader risk architecture belongs in China Supplier Due Diligence.

Handoff cover sheet

Supplier: [Chinese legal name / USCC]
Transaction: [product, role, site, value, deposit, destination]
Evidence cutoff: [date and report version]
Packets: [identity / capability / risk / contract / payment / acceptance status]
Open conditions: [owner, due date, blocked action]
Decision: [scope, approver, date, expiry or review trigger]
Evidence location: [controlled folder or record ID]

Refresh the file when the legal name, status, ownership, representative, address, factory, product, licence, contract party, bank details, order exposure, legal record, or critical subcontractor changes. For the narrative decision behind the sheet, use the company-report approval memo.

This checklist is a general procurement control, not legal, tax, customs, sanctions, engineering, quality, labour, environmental, financial, cybersecurity, or responsible-sourcing advice. Adapt it to applicable law, product risk, and company policy.