How we vet a factory before it reaches your shortlist

Factory vetting is the part of sourcing that most buyers underinvest in and later pay for. The diligence framework below is what we run against every factory on our network, regardless of whether the client is sourcing smart wearables, hotel lighting, gym wear, or a prefab steel warehouse. The categories rhyme even when the product does not.

The framework follows the ISO 9001:2015 quality management principles and the ISO 19011 audit guidelines, both of which are the recognized international baseline for supplier evaluation. We also borrow from the Kraljic matrix in procurement theory, which sorts suppliers by commercial risk and supply risk so that diligence depth matches the exposure on the order.

Step one: legal and structural verification

Every factory starts with a pull of the Chinese business license (营业执照) and a cross check against the National Enterprise Credit Information Publicity System (国家企业信用信息公示系统). We confirm the legal entity name, the unified social credit code, registered capital, registered address, and business scope. A factory whose business scope does not actually include manufacturing the product category in question is a disqualification, not a negotiation.

Worked example: for a hotel lighting program, we confirmed the factory's scope covered lighting fixture manufacturing, not only trading. Trading companies marketing themselves as factories is a well documented pattern in Guangdong, and the legal verification is the first place it shows up.

Step two: capability stack against the brief

Each category has a capability stack that matters, and we screen against the client's brief before the visit. The specifics vary by program but the discipline does not.

For a smart wearable program, the stack might include sensor selection, SoC and SDK openness, firmware team depth, cloud routing, and ingress protection. For a hotel lighting program, the stack is dimming driver choice, colour rendering index, certification coverage for the target market, and luminaire assembly tolerances. For a prefab steel warehouse, the stack is steel grade and source traceability, welding qualifications, galvanizing line capacity, and structural design software in use. Same framework, different vocabulary.

The discipline is to state the mandatory capabilities in writing before the factory visit, and to disqualify on missing capability rather than negotiate around it.

Step three: quality system maturity

We verify certification scope rather than collecting logos. A framed ISO 9001 certificate on the reception wall means very little until we read the scope statement on the certificate, the issuing body, and the expiry date. For medical adjacent wearables we also look for ISO 13485 at factory level. For electrical and electronic goods entering the EU we check CE RED or the EMC and LVD routes. For Fitness and consumer goods entering the US we look at the FCC and, where relevant, the FDA pathway.

On the floor we then test the paperwork against the process. An ISO 9001 certificate is credible when we can watch an operator pull up the work instruction for the station they are running and when incoming quality control records for raw material are retrievable in under five minutes. If the paperwork only exists for audits, we treat the certificate as decorative rather than operational.

Step four: commercial transparency

Factories that will break down the quote into bill of materials, labor, overhead, tooling, and margin are factories that are not inflating the number. Factories that refuse the breakdown almost always are. We ask for the breakdown in writing and compare it to our own internal cost model for the category, which we maintain from prior programs.

Commercial transparency also shows up in payment terms, tooling ownership, minimum order quantity flexibility, and willingness to quote in writing rather than verbally. A factory that will commit to a written quotation valid for 30 days is a factory that understands serious buyers.

Step five: red flag inventory

Across categories, the red flags we watch for are consistent. A representative who keeps the buyer away from the production engineer. A cleanroom or assembly area we are not permitted to photograph for reasons that do not hold up. Sample lead times that collapse suspiciously when the buyer seems ready to walk. Export records that do not match the claimed customer list. Reference clients who cannot be verified independently. A BOM that has been copied from a competitor's public teardown.

Any single red flag is a conversation. Two or more in the same visit is a disqualification.

Step six: reference checking

We ask every shortlisted factory to name at least one comparable client in the target market, and we verify the reference independently. For EU bound programs we look for an EU distributor or brand. For US bound programs we look for a US buyer. Factories that claim a long client list but will not name anyone are a red flag, and factories that introduce us to a reference before we ask are usually the ones that end up on the shortlist.

If a factory cannot clear steps one through four during a single factory tour day, it does not reach the client shortlist. This is the line we hold regardless of product category.

Where the framework flexes

The framework stays the same, but the weighting shifts. For a medical adjacent wearable, steps two and three carry the highest weight because the regulatory path will not forgive a weak quality system. For a commodity gym wear reorder, steps four and six carry the highest weight because the technical risk is low and the commercial risk is the dominant failure mode. Matching diligence depth to commercial and supply risk is straight Kraljic, and it is how we keep the vetting process efficient on small orders and thorough on large ones.