Public consultation on Enquiry Drafts of revised PEFC International Standards for Chain of Custody and Trademark Rules

ED PEFC ST 2002:201X, Chain of Custody of Forest and Tree Based Products - Requirements

Appendix 2: Implementation of the chain of custody standard by multi-site organisations

Normative Appendix

1 Introduction

The aim of this appendix is to establish guidance for the implementation of the chain of custody requirements in an organisation with a network of sites, thus ensuring on the one hand, that the certification of the chain of custody is practical and feasible in economic and operative terms and on the other, that the assessment provides adequate confidence in the conformity of the chain of custody. Certification of multi-site organisations also allows implementation and certification of the chain of custody in a group of typically small independent companies.

This appendix only includes requirements for implementation of the chain of custody requirements which are applicable to organisations with multiple production locations.

2 Eligibility criteria for the multi-site organisation

2.1 The multi-site organisation does not need to be a unique entity, but all sites shall have a legal or contractual link with the central office and be subject to a common chain of custody which is subject to continuous surveillance by the central office. This means that the central office has the right to implement corrective actions when needed at any site. Where applicable, this should be laid down in the contract between the central office and the sites.

2.2 The multi-site organisation may cover:

a) organisations operating with franchises or companies where the sites are linked through a common ownership, management or other organisational link; and

b) groups of independent legal enterprises established and functioning for the purposes of the chain of custody certification (producer group).

Note: Membership in an association is not covered by the term “management or other organisational link”.

2.3 A producer group is a network of typically small independent enterprises, which have associated together for the purpose of obtaining and maintaining chain of custody certification. The central office may be an appropriate trade association, or any other properly experienced legal entity that is either nominated for the purpose by a group of intending members or offers a group service managed for the purposes of and consistently with this standard. The central office can also be administered by one member of the group.

Note:      The central office in the case of the producer group can be called the “group entity” and sites can be called “group members”

2.4 A site is a location at which activities relating to the organisation’s chain of custody are carried out.

2.5 The producer group is limited to participation of sites which are domiciled in a single country and which:

a) have no more than 50 employees (full time employees equivalent); and

b) have an turnover of maximum of 9,000,000 CHF, or equivalent. 

3 Requirements for multi-site organisations

3.1 General

3.1.1 The organisation’s chain of custody shall be centrally administered and be subject to central review. All the relevant sites (including the central administration function) shall be subject to the organisation’s internal audit program and shall have been audited in accordance with that program prior to the certification body starting its assessment.

3.1.2     It shall be demonstrated that the central office of the organisation has established a chain of custody in accordance with this standard and that the whole organisation (including all the sites) meets the requirements of this standard.

3.1.3     The organisation shall be able to demonstrate its ability to collect and analyse data from all sites including the central office authority and its ability to initiate changes in the chain of custody operating in the sites if required.

3.2       Function and responsibilities of the central office

3.2.1    The central office shall:

a) represent the multi-site organisation in the certification process, including communication and relationship with the certification body,

b) submit an application for the certification and its scope, including a list of participating sites,

c) ensure contractual relationship with the certification body,

d) submit to the certification body a request for extension or reduction of the certification scope, including coverage of participating sites,

e) provide a commitment on behalf of the whole organisation to establish and maintain a chain of custody in accordance with the requirements of this standard,

f) provide all the sites with information and guidance needed for effective implementation and maintenance of the chain of custody in accordance with this standard; The central office shall provide the sites with the following information or access to the following information:

  • a copy of this standard and any guidance relating to the implementation of the requirements of this standard,
  • PEFC Logo usage rules and any guidance relating to the implementation of the PEFC Logo usage rules,
  • a central office’s procedures for the management of the multi-site organisation,
  • conditions of the contract with the certification body relating to the rights of the certification body or accreditation body to access the sites’ documentation and installations for the purposes of evaluation and surveillance, and disclosure of information about the sites to a third party,
  • explanation of the principle of the mutual responsibility of sites in the multi-site certification.
  • results of the internal audit programme and the certification body’s evaluation and surveillance and relating corrective and preventive measures applicable to individual sites,
  • the multi-site certificate and any of its parts relating to the scope of the certification and coverage of sites.

Note:      The term “mutual responsibility” means that nonconformities found in one site or the central office may result in corrective actions to be performed at all sites; an increase in internal audits or withdrawal of the multi-site certificate.

g) provide organisational or contractual connection with all the sites, which shall include commitments by the sites to implement and maintain the chain of custody in accordance with this standard. The central office shall have a written contract or other written agreement with all the sites which covers the right of the central office to implement and enforce any corrective or preventive measures and to initiate the exclusion of any site from the scope of certification in case of nonconformities with this standard,

h) establish written procedures for the management of the multi-site organisation,

i) keep records relating to the central office and sites compliance with the requirements of this standard,

j) operate an internal audit programme as outlined in 3.2.2.

k) operate a review of the central office and sites conformity, including review of results of the internal audits programme and certification body’s evaluations and surveillance; shall establish corrective and preventive measures if required; and shall evaluate the effectiveness of corrective actions taken.

3.2.2 Internal audit programme The internal audit programme shall provide for:

a) audit of all the sites (including its own central administration function), on site or remotely, where a remote verification of the implementation of chain of custody processes is feasible, prior to certification body starting its evaluation; and

b) audit of any new site prior the certification body starting the process of the certification scope extension.

3.3 Function and responsibilities of sites

Sites connected to the multi-site organisation shall be responsible for:

a) implementation and maintenance of the chain of custody requirements in accordance with this standard,

b) entering into contractual relationship with the central office, including commitment on the compliance with the chain of custody requirements and other applicable certification requirements,

c) responding effectively to all requests from the central office or certification body for relevant data, documentation or other information whether in connection with formal audits or reviews or otherwise,

d) providing full co-operation and assistance in respect of the satisfactory completion of internal audits performed by the central office and audits performed by the certification body, including access to the sites installations,

e) implementation of relevant corrective and preventive actions established by the central office.

4  Scope of responsibilities for requirements of this standard implemented in the multi-site organisation

Standard requirements

Central office


Requirements for chain of custody process – physical separation method



Requirements for chain of custody process – percentage method



Requirements for chain of custody process –credit method



6  Management system requirements


Responsibilities and authorities



General responsibilities



Responsibilities and authorities for chain of custody

Yes (for d and e)


Documented procedures

Yes (for a, e and f)


Record keeping

Yes (for f and g)


Resource management

Yes (only for activities provided)


Human resources / personnel

Technical facilities

Inspection and control