SupplierKit
Supplier compliance automation for travel operator teams managing large supplier networks.
Supplier compliance automation for travel operator teams managing large supplier networks.
Who is it for?
Operations coordinators at travel operator companies managing 50+ suppliers — tour operators, DMCs, and activity providers who are responsible for keeping insurance certificates, permits, health and safety records, and attestations current across a distributed network of suppliers, but don't have a dedicated legal, procurement, or compliance function to lean on.
What problem does it solve?
Travel operator teams drown in supplier compliance busywork. A single coordinator might chase dozens of suppliers every month for expiring insurance certificates, permits, and attestations — tracking it in spreadsheets, chasing over email and WhatsApp, and manually comparing values against internal thresholds. Records go stale, audits become fire drills, and nobody has a clean current view of which suppliers are actually usable. Existing vendor-compliance tools are priced for enterprise procurement teams and assume a legal function operators don't have.
Why I built this
I kept seeing the same pattern across travel operators: smart ops teams burning hours on supplier chasing work that should be automated, while the enterprise compliance tools on the market were either priced out of reach or built for a buyer profile that doesn't exist in this industry. I wanted to build the tool I'd want if I were running ops at a 50-supplier travel company — opinionated workflow templates, a supplier portal that actually gets used, and pricing that makes sense against a coordinator's salary rather than a Fortune 500 procurement budget.
How it works
An operator picks a preset compliance requirement (e.g. public liability insurance with a coverage threshold), attaches it to suppliers, and SupplierKit takes over the chase. Suppliers receive outreach with a link to a branded portal where they upload documents and enter key values. SupplierKit compares submitted values against the operator's thresholds and routes anything ambiguous into a human review queue. Approved records update the supplier's compliance state; rejected ones trigger a re-chase. The dashboard shows which suppliers are current, which are expiring, and which are blocked, with a preserved audit trail of every request, submission, and decision.
Design & product decisions
I made a few opinionated calls. First, humans approve everything in v1 — no automated compliance decisions — because the liability surface of auto-approving insurance is not something I want to own, and operators trust the system more when they're the final signer. Second, I split the product into two Next.js apps (auth.supplierkit.com and app.supplierkit.com) sharing one Supabase project, so auth/billing can evolve independently from the core product without a painful rewrite. Third, I leaned on Prisma with service-role Postgres for most API routes but kept Supabase RLS enabled as defense-in-depth on all 73 tables, so a bug in app-level auth can't leak cross-org data. Fourth, I narrowed the ICP hard to travel operators with 50+ suppliers — earlier plans included travel advisers and contract-analysis-first positioning, but willingness to pay wasn't there, so the chase engine became the wedge and contracts became just one document type in the system.
More by David Meehan
Dynamic roadtrip planner for a Serbian architectural adventure
An interactive guide to a Brutalist road trip across Serbia
Voice Widget
A white-label Next.js app for configuring, previewing, and embedding ElevenLabs-powered voice chat widgets on any website.
Satsang
A calm, AI-guided conversation space for parents to recover their regulated presence and discover the tools to show up as the parents they know they can be.