All guides
Compliance 11 min readEditorial Desk

Understanding SMETA Audits

What a SMETA audit actually proves, what it doesn't, and the seven sections of the report buyers should focus on before signing.

Understanding SMETA Audits — editorial sourcing guide cover
Executive Summary

SMETA — the Sedex Members Ethical Trade Audit — is the most widely recognised social-compliance audit in apparel, and one of the most misread documents in sourcing. Buyers routinely accept 'we have SMETA' as a verification, without reading what the audit actually covers, what it does not cover, or what severity ratings appear in the report. A SMETA certificate alone is not proof of ethical production. The seven-section report is the proof — and the report has to be read with intent. This dossier covers what SMETA is, what it isn't, the seven report sections buyers should focus on, the difference between 2-pillar and 4-pillar audits, and the red flags that should hold up a PO until they are closed.

What SMETA actually is

SMETA is an audit methodology developed by Sedex (the Supplier Ethical Data Exchange), used to assess factories against the ETI Base Code and applicable local law. It is the most common social compliance audit format in apparel — over 70,000 SMETA audits are filed annually across the Sedex platform. The audit is conducted by a Sedex-approved auditing firm (Bureau Veritas, Intertek, SGS, TÜV among others), not by Sedex itself. The output is a structured audit report uploaded to the Sedex database, where members can view it.

Importantly, SMETA is not a certification. There is no 'SMETA certificate' in the strict sense. What suppliers possess is a recently conducted SMETA audit and an audit report. A SMETA audit is valid for two years from the audit date. Anything older is stale; the supplier should have a current audit underway or have already re-audited.

2-pillar versus 4-pillar SMETA

SMETA audits come in two scopes. The 2-pillar audit covers labour standards and health & safety. The 4-pillar audit adds environment and business ethics. Most fashion buyers default to 2-pillar; brands with sustainability commitments increasingly require 4-pillar. The distinction matters because a 2-pillar audit explicitly does not validate the environmental claims many brands rely on in marketing — wastewater management, chemical use, emissions data, none of these are in scope for a 2-pillar audit.

If a factory provides a 2-pillar SMETA in response to a request for environmental verification, that is not a match. Either request a 4-pillar SMETA, or pair the 2-pillar with a separate environmental audit (ISO 14001, Higg FEM, ZDHC compliance documentation).

The seven sections of the SMETA report

A SMETA audit report is structured across seven sections plus a corrective action plan. Buyers who scan only the headline 'audit complete' tick-box miss the substance. The substance is in sections 3–7.

Section 1: Audit details

Audit date, audit firm, auditor names, audit scope (2-pillar or 4-pillar), facility addresses. Verify the audit is less than 24 months old, that the audit firm is on the Sedex approved list, and that the facility address matches the one you'll be placing orders at. Multi-site suppliers sometimes share a parent audit for a different facility.

Section 2: Site details

Worker counts, demographics, shift patterns, peak versus off-peak headcount. The peak-versus-off-peak ratio matters. A facility with 200 workers off-peak and 800 in peak season is operating on a sub-contracted or seasonal workforce that may not be fully reflected in the audit findings.

Section 3: Findings

The substance. Findings are categorised as Compliant, Non-Compliant (Critical), Non-Compliant (Major), Non-Compliant (Minor), or Good Example. Critical and Major findings should stop the PO conversation until you understand what they are and what the corrective action plan looks like. The number of findings is less important than their severity and category.

Section 4: Best practices & business benefits

Auditor commentary on positive practices observed. Useful context but not central to the verification decision.

Section 5: Corrective action plan

For each non-compliance, what the supplier has committed to do and by when. Critical findings should have closure dates within 30 days. Major findings within 90. Minor findings within 12 months. Suppliers with multiple Critical findings unclosed past their committed dates are a sourcing risk.

Section 6: Documents reviewed

Lists the documents the auditor sampled — payroll records, time records, contracts, age verification. A sparse documents list (under 30 documents) on a factory of 500+ workers usually signals a light audit.

Section 7: Worker interviews

Number of workers interviewed, interview method (private/group), demographics. SMETA guidelines recommend interviews with at least 10% of workers or 30 workers, whichever is fewer. Audits with fewer than 20 worker interviews on a large facility are statistically weak.

What SMETA does NOT prove

  • Product quality. SMETA is a social audit, not a quality control audit.
  • Financial solvency or business legitimacy. A factory can be SMETA-audited and still be financially distressed.
  • Sub-contracting. Most non-compliances involve unauthorised subcontracting; the audit can only see facilities it visits.
  • Materials traceability. The audit does not validate cotton origin, organic claims, recycled-content claims, or supply-chain transparency upstream of the cut-and-sew facility.
  • Brand-association legitimacy. SMETA does not verify that a factory currently produces for a named brand.
  • Sample-vs-bulk consistency. The audit is a snapshot in time, not a guarantee of ongoing standards.

"A factory with one Major non-compliance and a credible closure plan is often a lower risk than a factory with zero non-compliances and a shallow audit. The shallow audit is the warning sign."

— Editorial Desk

Red flags to look for in a SMETA report

  • Audit older than 24 months without a scheduled re-audit.
  • Critical findings unclosed beyond their committed closure date.
  • Worker interview count below 20 on a facility of 200+ workers.
  • Audit duration of less than 1.5 days on a multi-line facility (signals a desk audit, not on-site).
  • Documents reviewed list with no payroll or time records named.
  • Facility address on the audit report different from the production address quoted to you.
  • Corrective action plans with vague language ('will address') rather than specific commitments.
  • Repeated identical findings across multiple audit cycles — signals systemic non-correction.

How to request and read a SMETA report

  1. 01Ask the supplier to share the full audit report — not the certificate cover sheet.
  2. 02If the supplier is a Sedex member, request that they add you as a customer in their Sedex profile so you can view the audit directly.
  3. 03Verify the audit firm is on the Sedex approved list (sedex.com publishes this).
  4. 04Read sections 3 (findings) and 5 (CAP) first.
  5. 05Cross-check facility address against the address on your PO.
  6. 06Note the date of next planned audit.
  7. 07If anything looks unclear, request a follow-up call with the supplier's compliance officer.

Country variation in SMETA quality

Audit quality varies significantly by country and auditing firm. Audits conducted in regions with weak local-law enforcement tend to show fewer findings, which is suspicious rather than reassuring. Auditors in Bangladesh and Vietnam now routinely conduct 2-day audits on multi-line facilities; audits shorter than that warrant scrutiny. Audits in Portugal and Turkey typically run shorter because the regulatory baseline is higher and there is less to find — but verify the audit duration regardless.

A useful cross-reference: compare the number of findings on the same factory across consecutive audit cycles. A factory that reported eight Minor non-compliances two years ago and reports zero today either improved meaningfully or is being audited more leniently. Closure documentation should evidence improvement; if it does not, the disappearance of findings is the finding.

Note also that SMETA audits commissioned by the supplier (semi-announced) tend to surface fewer findings than audits commissioned by the buyer (unannounced or short-notice). Where possible, commission your own audit at the supplier's expense — most factories will agree if the relationship is scaling. Buyer-commissioned audits sit higher in the diligence hierarchy than supplier-commissioned audits because the auditor's commercial incentive aligns with the party receiving the report.

FAQs

How much does a SMETA audit cost the supplier?

Audit fees vary by region and facility size, typically USD 2,000–7,000 for a 2-pillar audit, plus auditor expenses. Suppliers may pass cost through to buyers via FOB pricing on first orders.

Should I require SMETA before placing my first order?

Yes for orders above 1,000 units or relationships expected to scale. For small first orders (under 500 units) with low-risk suppliers, you may accept SMETA as a closure item within 90 days of PO, provided the supplier has other credible certifications already in place.

Is SMETA recognised in the EU CSRD framework?

SMETA findings can be referenced in CSRD reporting as evidence of supply-chain due diligence, but SMETA alone does not satisfy the full CSRD scope. Brands subject to CSRD will need additional environmental and value-chain audits.

What if my supplier doesn't have a SMETA but has BSCI?

BSCI (Business Social Compliance Initiative, now amfori BSCI) is the second-most-common ethical audit format. The two are broadly comparable in scope. Most major buyers will accept either, but converting between them takes ~12 months.

Key Takeaways
  • SMETA is an audit, not a certification — read the report, not the cover sheet.
  • Sections 3 (findings) and 5 (CAP) are where the truth lives.
  • 2-pillar covers labour and H&S only. 4-pillar adds environment and ethics.
  • Audit older than 24 months is stale.
  • Pair SMETA with sustainability-specific certifications for material claims.
Take action

Find SMETA-audited factories

Filter the GIWAHS directory to surface only factories with verifiable, current ethical audit documentation.

Made with Emergent