Practical Answer — Supplier Control
China Supplier IP Audit Checklist Before Sharing CAD, Tooling, or Product Files
Last updated: June 2026
A pre-disclosure checklist for overseas buyers before sharing CAD/STP files, drawings, tooling payments, product specs, or customer information with a Chinese supplier.
In short
This checklist is for overseas buyers who want to slow down and verify the supplier-control basics before disclosing sensitive files or production details. It is not a general factory audit or a sourcing service. The aim is to identify where legal entity, file access, tooling ownership, subcontractor involvement, payment flow, and commercial documents may no longer be aligned.
This Is Not a General Factory Audit
A general factory audit usually looks at capacity, quality systems, or compliance. This page is different. It is about buyer-side supplier control and pre-disclosure IP exposure: who sees the files, who signs the papers, who can forward the drawings, and whether the commercial structure matches the relationship on the ground.
If the legal entity, the payment path, the file-sharing path, and the production path are not aligned, the risk usually increases long before a formal dispute appears. That is why the checklist below is built around documents, access, and evidence, not just promises.
When to Use This Checklist
- Before the first CAD, STP, drawing, or product-spec file is shared
- Before tooling payment or prototype development begins
- Before you send customer information, channel details, or pricing data
- Before a sourcing agent or trading company is allowed to coordinate the factory relationship
- Before you move from quoting into a production structure
The China Supplier IP Audit Checklist
| Audit Area | What to Check | Why It Matters | Evidence to Collect | Possible Next Step |
|---|---|---|---|---|
| Chinese legal entity and signing structure | Confirm which legal entity is signing, which entity is receiving files, and whether the bank account, chop, and quotation all match. | If the wrong entity signs, the protective documents may not bind the party that actually touches your product or files. | Business license, quotation, PO, PI, bank details, signed agreement, company chop, and entity registration details. | Verify the real contracting party before you share more. |
| CAD/STP/drawing file exposure | Map exactly which files are being shared, who receives them, and whether the supplier can forward them internally or externally. | File exposure usually expands faster than founders expect once the first technical file leaves the buyer's control. | File list, disclosure log, emails, file naming conventions, and any written file-use limits. | Use controlled disclosure and a China-focused NNN before sending the next file. |
| Mold/tooling ownership and storage | Confirm who paid, who owns, who stores, and who can move or reuse the molds and tooling. | Payment alone does not always prove control if the contract and supporting documents are silent or inconsistent. | Tooling invoice, PO, PI, agreement clause, tooling register, and written acknowledgments from the factory. | Add or strengthen tooling ownership and return clauses. |
| Sub-supplier / sister factory access | Ask whether any related factory, subcontractor, mold shop, packaging vendor, or external technical provider will touch the files or process. | Each additional touchpoint creates another possible leakage point for drawings, molds, specs, or production know-how. | Supplier map, subcontractor list, written confirmations, and any production flow description. | Limit downstream access and require written approval for any third-party involvement. |
| Overproduction / side-sale risk | Ask whether the factory can produce extra units, run off-book batches, or sell through other channels. | Overrun production and side sales can undermine pricing, channel control, and brand position even when the first order looks fine. | Production count language, order limits, market checks, and any QC or batch records. | Add production-count and non-sale restrictions to the agreement. |
| Customer bypass / non-circumvention risk | Check whether the supplier or agent can contact your customers, distributors, or downstream buyers directly. | Circumvention risk is often commercial, not just legal, and it can appear before any obvious dispute starts. | Customer list handling, non-circumvention language, communication rules, and payment path controls. | Use non-circumvention terms and tighten access to customer information. |
| Payment path, PO, PI, and contract consistency | Confirm that the entity on the PO, PI, invoice, payment account, and contract is the same or clearly aligned. | A mismatch can mean the commercial and legal structure is weaker than it appears. | PO, PI, invoices, bank account details, agreement, and order history. | Resolve the mismatch before the next payment or file transfer. |
Red Flags That Should Stop Further Disclosure
- The supplier will not confirm the legal entity or keeps switching between a factory name and a trading name
- The supplier wants the buyer to send full files before any written control structure is in place
- The factory, agent, or trading company will not say who else can see the files or tooling information
- The PO, PI, payment account, and contract do not match the same party
- The supplier says tooling or file ownership can be discussed later after payment is made
What This Audit Does Not Replace
It does not replace a China Supplier Control Review.
It does not replace a China NNN or OEM / manufacturing agreement.
It does not replace trademark filing, patent strategy, or a proper legal review of your documents.
It does not replace a real factory audit, QC inspection, or compliance check if that is what you actually need.
When to Request a China Supplier Control Review
Request a Supplier Control Review if this checklist uncovers entity mismatches, unclear file access, unclear tooling ownership, a possible sister-factory or subcontractor path, or any sign that the supplier relationship is moving faster than the protection around it.
The review is the better next step when you need a practical view of the full structure instead of only a yes-or-no answer about one document. It is especially relevant before a buyer sends the next file or makes the next payment.
Get Help
Need help pressure-testing your supplier setup before disclosure?
A China Supplier Control Review can help you decide whether the legal entity, files, tooling, and commercial documents are aligned enough to continue — or whether you should slow down first.
Frequently Asked Questions
Is this a general factory audit?
No. This checklist is buyer-side and IP-focused. It is meant to help overseas founders and product teams decide what to verify before they share CAD/STP files, drawings, tooling payments, product specs, or customer information with a Chinese supplier.
When should I use this checklist?
Use it before meaningful disclosure. It is most useful before the first file transfer, before tooling payment, before the first PO or PI is finalized, and before the supplier relationship starts to scale.
Does an NNN agreement make this unnecessary?
No. An NNN agreement is one layer of protection, but it does not replace entity verification, file access control, tooling ownership terms, or commercial document consistency.
What if I already shared some files?
The checklist is still useful. It can help you identify what has already been disclosed, what is still missing, and whether you need a Supplier Control Review before any further disclosure happens.
LinkedIn Newsletter
Read More on the China IP Gateway Newsletter
For weekly, practitioner-level commentary on China IP, NNN agreements, supplier control, trademark and patent strategy, follow the China IP Gateway newsletter on LinkedIn.
Follow the China IP Gateway Newsletter on LinkedIn