Walk into a knitwear vendor day in Dongguan with a generic sustainability questionnaire and you will see the same scene play out at every booth: the buyer asks for "BSCI or SEDEX or SA8000, whichever you have," and the sales manager nods, pulls out a folder, and hands over whatever the office has on file. Sometimes it is a current BSCI audit report; sometimes a SEDEX login screenshot; sometimes a one-page summary of an audit done at a sister factory two years ago; sometimes nothing at all. The buyer takes the document, files it, and moves on.
This is the everyday reality of social-compliance vetting in apparel, and it is broken in both directions. Buyers treat three very different schemes as interchangeable. Factories present whatever they have because they cannot tell which one the buyer actually cares about. Real risk gets neither identified nor managed.
We are Licheng Knitwear, a custom knitwear manufacturer founded in 2018 in Dongguan, Guangdong. We work with brands in the US, Canada, Germany, the UK, France, Spain, the Netherlands and Sweden, and we sit across the table from compliance teams every quarter. This guide is the conversation we wish more buyers would start with. It walks through amfori BSCI, SEDEX SMETA and SA8000 — what each one is, what it audits, what the buyer actually gets, and what factories like us can and cannot say about them — so you can write requirements that mean something.
A critical note on Licheng before we go further: this article is educational. We do not claim Licheng currently holds any of these schemes. When a buyer structures a programme around a specific certification, we discuss what is realistically available per project, what timelines are involved, and which scope certificates our yarn mills and trim partners already hold. We do not publish unverified compliance claims about ourselves, and you should be cautious of any supplier who waves a logo without showing you the underlying current document.
The confusion is understandable. All three sit under the umbrella of "social compliance," all three reference ILO conventions and national labour law, and all three produce a document that procurement can attach to a vendor file. From a distance they look like flavours of the same thing.
They are not. The differences sit at three levels: what the scheme actually is (audit, platform or certification), who owns the resulting document, and what claim it lets you make about the supplier. Get those three layers right and the rest of the conversation becomes easy.
A second confusion: factories may legitimately have been audited under one scheme and not another, not because they are hiding anything, but because their other customers happened to require a different one. A Vietnamese sock factory selling to Aldi will have BSCI because amfori is heavily used by European discounters; a Bangladeshi knitter selling to Tesco will have SEDEX because British retail anchors on it; a small Italian-owned plant in Guangdong might have SA8000 because the parent company runs to management-system standards. None of these tell you the factory is "better" — they tell you which buyers shaped its document trail.
The Business Social Compliance Initiative, now branded amfori BSCI, is an industry-driven audit programme run by amfori, a Brussels-based association. Member brands and retailers commit to the amfori BSCI Code of Conduct and ask their suppliers to be audited against it.
The key technical fact, and the one most often misunderstood: BSCI is not a certification. There is no "BSCI certificate." What a factory receives is an audit report with a rating (commonly A through E, with A and B considered acceptable and C and below requiring a corrective action plan). The report is valid for a period — typically one or two years depending on the rating — and is hosted on the amfori sustainability platform.
What BSCI audits: thirteen performance areas covering management practices, workers' involvement and protection, freedom of association, no discrimination, fair remuneration, decent working hours, occupational health and safety, no child labour, special protection for young workers, no precarious employment, no bonded labour, environmental protection, and ethical business behaviour.
What the buyer gets: read-only access (via an amfori member account, which costs money) to the supplier's audit report on the platform, including the rating, the findings, and the corrective action plan if any.
What to ask a supplier for: the current audit report (PDF), the platform link, the rating, the date of the next audit, and a clear answer on which legal entity and address were audited — many groups have multiple sites and only one is in the platform.
Common buyer confusion: assuming a BSCI-audited supplier is "BSCI certified" and stopping due diligence there. The audit is a snapshot of one site on one day; it does not certify management systems, it does not cover subcontractors automatically, and a low rating does not bar a factory from selling — it triggers a follow-up audit.
SEDEX (Supplier Ethical Data Exchange) is best understood as two things: a membership platform on which suppliers self-report data and host audit reports, and a sponsored audit methodology called SMETA (Sedex Members Ethical Trade Audit) that factories commission from approved third-party audit bodies.
SMETA itself comes in two versions: 2-pillar (labour standards and health and safety) and 4-pillar (adds environment and business ethics). Most serious buyers ask for 4-pillar. The audit is conducted against the ETI Base Code, local law, and a set of SMETA-specific requirements.
The distinction from BSCI is mainly governance and platform: amfori owns BSCI end to end, including the code and the platform; SEDEX is more of a data-exchange utility, and SMETA is an audit standard that any participating audit firm can deliver. In practice, what an apparel buyer reads — a third-party social audit report against a multi-pillar code — looks similar in scope and depth.
What the buyer gets: access to the supplier's SEDEX profile (via a paying SEDEX membership) and the SMETA audit report and corrective action plan attached to it.
What to ask a supplier for: the SEDEX site number (the unique identifier for the audited site), confirmation of 2-pillar vs 4-pillar, the audit body, the audit date, the corrective action status, and access through the platform rather than just a PDF — PDFs can be edited, the platform record cannot.
Common buyer confusion: thinking "SEDEX" by itself means anything. A supplier can be SEDEX-registered without ever having been audited; the registration is a self-declaration. The substantive document is the SMETA audit report. "We're on SEDEX" is not the same statement as "We passed a 4-pillar SMETA audit nine months ago and these were the findings."
SA8000 is in a different category from the other two. It is a certification standard published by Social Accountability International (SAI), audited by accredited certification bodies, and operated like ISO 9001 — meaning the factory has to demonstrate not just compliant conditions on the day of the audit, but a documented management system that maintains compliance over time.
This is the technical answer to "is this a real certification?" — for SA8000, yes. For BSCI and SEDEX-SMETA, no, those are audits.
SA8000 covers child labour, forced or compulsory labour, health and safety, freedom of association and collective bargaining, discrimination, disciplinary practices, working hours, remuneration, and management systems. The management-systems requirement is the heavy lift: documented policies, internal audits, management review, worker representation, supplier and subcontractor management, grievance mechanisms, training, and corrective and preventive action.
Factories that pursue SA8000 typically do so because a major customer requires it, because they want to differentiate at the upper end of the contract-manufacturing market, or because their ownership group has a corporate policy. It is materially more expensive and slower to obtain than a BSCI or SMETA audit, and it is far less common among small-and-medium Asian apparel factories.
What the buyer gets: a third-party certificate with a clear validity period (three-year cycle with annual surveillance), issued by a named certification body, listed on the SAI public database.
Common buyer confusion: assuming SA8000 is just "BSCI with a logo." It is not. It is a management-system certification, which means asking for it from every supplier in a portfolio is a significant cost decision that excludes most of the SME factory base.
This is the table to keep beside any RFI. It is opinionated about what each scheme does and does not give you, written from the supplier side of the table.
|
| What it is | Industry audit programme | Audit framework on a shared platform | Third-party certification |
| Result document | Audit report, rating A–E | SMETA audit report (2 or 4 pillar) | Certificate + audit report |
| Validity | 1–2 years by rating | Re-audit cycle set by buyer/supplier | 3 years + annual surveillance |
| Code basis | amfori BSCI Code of Conduct | ETI Base Code + local law | SA8000 standard + ILO |
| Management system audited | Lightly | Lightly | Yes, deeply |
| Buyer access | amfori member login | SEDEX member login | Public SAI database |
| Typical cost to factory |
A practical compliance request to a knitwear supplier in 2026 should read roughly like this. First, name the scheme you require and the variant (BSCI rating threshold, SMETA 2 vs 4 pillar, SA8000). Second, ask for the current audit or certificate document, the platform identifier (BSCI audit ID, SEDEX site number, or SAI certificate number) and confirm the audited site address matches the production site for your order. Third, ask about subcontracting policy — particularly for knitwear, where dyeing, embroidery, and washing are often outsourced — and whether subcontractor audits are required.
For higher-risk markets or higher-profile programmes, layer in your own code of conduct and an unannounced or semi-announced visit by your QA or by a third-party auditor of your choosing. Audits commissioned by the supplier are not the same instrument as audits commissioned by you, and a buyer-led audit will surface issues a supplier-led audit politely overlooks.
Finally, be realistic about what you are buying. A custom knitwear factory in Dongguan running orders from 30 pieces per colour up to several thousand cannot economically maintain SA8000 unless several customers require it. Asking for SA8000 from every potential vendor on your shortlist will narrow the list dramatically — and not necessarily toward the best partners for your product.
We state this plainly: we do not publish certifications we do not currently hold, and we will not send a logo to a buyer's questionnaire without the supporting current document. Some of our buyers structure programmes that do not require third-party social audits at all; some require BSCI or SMETA; some have built their own audit instrument and visit personally.
When a buyer's project requires a specific audit or certification, we work through the practicalities together: what timeline the audit body needs, which legal entity and which production site will be audited, what the cost loading on the unit price looks like, and whether the project size justifies it. When buyers structure POs around scope certificates — for instance recycled-content claims through a Transaction Certificate at the mill level — we forward the supplier certificates and link them to the order documentation in a verifiable chain.
What we do not do is hand over an out-of-scope audit and let the buyer assume it covers the order. That is how greenwashing happens in apparel, and our position is that buyers and factories are both better served by honest paperwork than tidy paperwork.
The goal of any social-compliance scheme is not the document; it is the conditions inside the building. Treat BSCI, SEDEX and SA8000 as the different tools they are, ask for what your programme actually needs, and verify rather than file.
