First, let me frame this by limiting it to the US (and possibly UK) where class action lawsuits are part of law. I can’t speak for other nations, and know that in many countries, there’s no such thing.
We’ve seen in the past ten years the following trends blossom into routine:
- CBs routinely consult, in violation of ISO 17021, by providing advice, specific solutions, software, documentation and more – and then certifying clients who use such products. This dilutes the value of ISO 9001 certification for everyone, justifying a possible lawsuit.
- CBs routinely trade in the intellectual property and confidential information of their other clients, swapping it around. In one example, a CB auditor was found handing out copies of his other clients’ Quality Manuals to new clients. In another example, an auditor was discovered discussing openly the implementation methods of another client, giving the information to a direct competitor. Such actions justify a possible lawsuit.
- CBs routinely violate their own contracts, by failing to provide audit schedules in advance, failing to show up to audits on time, and failing to write reports that contain required objective evidence. Such contract violations justify a lawsuit.
- CBs routinely send auditors to clients in industries where the auditors do not have proper experience or skills, in violation of accreditation rules. Since compliance to the rules is part of their advertising and contract, these violations would justify a lawsuit.
- CBs invoke “punishment clauses” against clients who attempt to fire them, by demanding they pay the full balance of a 3-year contract in the event of early termination.
Finally, ISO 9001 is given to companies that routinely prove they are not following ISO 9001, and shouldn’t have it to begin with: BP Oil (Deepwater horizon), Inflation Systems Inc (Takata airbags), Boeing Dreamliner subcontractors, and more. There is a real and current risk to public safety being felt by the public, while dangerous products are released into the market. Yet until these disasters strike, somehow these companies maintain ISO 9001 certification.
Such a lawsuit would probably be targeted at ANSI, in the US anyway, for mismanagement of our only accreditation body, ANAB. ANAB ultimately allows these things to happen on its watch, and it’s time for them to answer for it. Since ANSI manages ANAB, they would be the focus. We can’t expect the deeply conflicted ANAB to police itself.
In the UK this would be against UKAS. There, however, UKAS is subject to actual laws, and a criminal investigation might even be warranted.
ISO 9001 end users have both an intellectual expectation and a legal, contractually-bound expectation, that ABs and CBs conduct their activities in accordance with what they claiming their marketing and their contracts. Failure to do so is a breach of contract and likely business-to-business fraud. Failure to do so when working under government contracts may well be criminal fraud. But in the end, such behavior reduces the value of ISO 9001 worldwide, making those paying for it the victims.
In response to pushback, the CBs and ABs have resorted to the worst kinds of “Chicago style” thuggery: threats, harassment, intimidation and bogus lawsuits. It’s likely we will see some of this on display, right here in this discussion thread, in about five minutes. What CB reps lack as far as good judgment, they make up for in abundance with complete tone-deaf ignorance of their own bullying tactics.
Maybe it’s time ISO 9001 end users got together to support each other, and forced the CBs and ABs to get their houses in order.