Not a questionnaire
anyone can game.
This is the Morpheus System doing what I’ve spent thirty years doing — reading a supply chain the way it actually behaves, not the way a form pretends it does. Every supplier moves through the same scenario-based assessment: real situations, not a checklist anyone can game. It runs on pattern recognition, behavioral and emotional analysis, and the threat-assessment training behind three decades of results — CBP methodology is part of my toolkit, not the whole of it. Morpheus scores what a supplier truly understands across four layers. This is where the value lives.
THE MORPHEUS SYSTEM · 30 YEARS OF EXPERTISEDrag a screen — pull Morpheus aside and watch the system run live.


What our Morpheus system actually measures.
Flip each layer ↓
You didn’t build this company to push paper.
Compliance was supposed to protect your growth — not consume it. XFACTOR carries the supplier due diligence and the continuous 5-Step risk assessment across all six programs — C-TPAT, PIP, AEO, Bill S-211, ESG and food safety. You prove your due diligence at 100%, and you get to lead your field again instead of pushing paper. Here is how the whole machine actually runs:
The six programs. Build in the ones you answer for.
Your plan covers one, three, or all six. Not sure which ones apply to you? Tap any program to preview it right here — without leaving this page.
The value, line by line.
You were never meant to manage people — you manage systems.
After thirty years on both sides of the table, I was done watching good companies overpay for less. I was the consultant they called to clean up what others left behind — hands on, department by department — so I built the Morpheus System to carry it for you.
What used to take a department and tens of thousands a year now lives in one platform — one flat rate for your whole chain, never per supplier.
Mandy-Lynn AitkenFounder & CEO
Here’s everything you get, in full — open any row to see what it means.
FOR YOU: THE CLIENT PACKAGES
★ Every client package includes the free Compliance Passport for every supplier you bring in — their own risk report, certificate monitoring, compliance calendar, and gap-targeted training, passed through at no charge.
Each supplier runs a live, scenario-based assessment with the Morpheus System: 30 scenarios for high-risk suppliers, 15 for the rest, drawn from a 120-scenario library. Every scenario asks three kinds of question: how they would respond, what they were trained on, and what their procedure actually says. It measures what a supplier truly understands, not what they can look up or copy off a form. STRATEGIC and AUTHORITY cross-reference all your programs at once; AUTHORITY runs in a priority queue.
Choose the programs that apply to you. The mutual-recognition engine means certifying for C-TPAT, PIP and AEO can auto-satisfy parts of Bill S-211, so you never do the same work twice.
Five steps, on CBP methodology: Architecture, Cargo, Threat, Vulnerability, Mitigation, assembled across every supplier into one 300–600 page documented record with the signed evidence attached. Each supplier is assessed across the full picture: their awareness and readiness, the training they’ve completed, their documentation, the effectiveness and efficiency of their own supply-chain security programs and processes, and their corporate culture and reputation, then designated VERIFIED, CONDITIONAL, or NOT VERIFIED. Re-run it twice a year on ESSENTIALS, quarterly above.
Cargo mapping is the part most platforms can’t do. Starting at each supplier’s own address, the system traces the real flow of your goods: the carriers, the transit points, and the sub-suppliers behind your suppliers (the FOB parties you never knew existed). It renders on a live Mapbox world map: supplier pins scored by risk tier, cargo-flow lines lane by lane, a concentration-risk view (where too much of your chain sits in one country or one port), an ecosystem graph of how every party connects, and a live activity feed. STRATEGIC adds advanced analytics; AUTHORITY adds custom weighting so the map reflects your own risk model. This is how you see the exposure before the auditor, or the disruption, finds it first.
Every competitor bills per supplier, and $50 each runs to six figures fast. XFACTOR charges per chain. Bring your whole list in, and your suppliers get the toolkit passed through free.
Department heads and directors each get their own login, their own training track, and their own progress + deadline reporting, and each manages their own group of suppliers. The same supplier can be used by three departments in three different ways, so each department assesses and monitors that supplier through the lens of how they actually use it. One supplier, seen and scored the way each team relies on it. A real differentiator.
Procedures (standard operating procedures) generated and tailored to your exact program mix. Three department handbooks, each delivered with an executive video and a podcast.
Real, named courses, not "modules." Each program ships 10–15. C-TPAT includes "The 5-Step Risk Assessment: Mapping Threats Across Your Supply Chain" and "Vetting Business Partners: C-TPAT Compliance Expectations for Your Supply Chain." Bill S-211 includes "The 18-Question Framework: Reading Between the Lines" and "Supplier Due Diligence: Evidence, Not Answers." On top of the program tracks, every account gets the Risk Intelligence series: "Red Flag Indicators: Detecting Threats Before They Reach Your Dock," "Incident Reporting," "Incoterms," and "F55: Classifying Suppliers Across All 14 Business Types." Program training scales with your tier: 1 program on ESSENTIALS, 3 on STRATEGIC, all 6 on AUTHORITY; department-depth certification programs live in XFACTOR COMMANDCENTER. Every course in four formats: video, PowerPoint, audio, infographic.
Not just storage. Active monitoring. Every regulatory certificate is tracked, assessed, and reviewed by country of origin, issuing authority, scope, and renewal date, and flagged valid, expiring, or expired before it ever lapses on you. That’s how you prove country-of-origin and chain-of-custody compliance the moment an auditor or a customer asks. STRATEGIC monitors up to 10 regulatory certificates; AUTHORITY, unlimited.
Roll subsidiaries and entities into one view, weight programs to your own risk model, and jump the Morpheus System queue. AUTHORITY only.
Once a year, the system reviews your entire compliance intelligence and surfaces what changed, what is at risk, and what is next.
Risk report, certificate monitoring, compliance calendar, and gap-targeted training in four formats, passed through to every supplier at no charge. They upgrade only if they want more.
ESSENTIALS is a 6-month engagement, paid in 2 installments. STRATEGIC and AUTHORITY are 1-year terms with a monthly option. No per-supplier fees on any plan. All rates plus applicable taxes.
One table. Every number.
The same numbers as above, laid out plain: scan it, print it, or paste it straight into the memo for your CFO.
| What you get | ESSENTIALS | MOST CHOSENSTRATEGIC | AUTHORITY |
|---|---|---|---|
| Founder Rate, per year (the first 25 lock it for life · closes August 7 at 11:59pm PT) | $4,444 | $6,250 | $13,444 |
| Standard rate | $12,500 · 6-month engagement | $17,000 · 1 year | $24,200 · 1 year |
| Compliance programs (of the six) | 1 program | 3 programs | All 6 |
| Suppliers included, flat | Up to 2,600 | Up to 5,000 | Up to 8,000 |
| Per-supplier fee | $0, ever | $0, ever | $0, ever |
| Director logins | 3 | 5 | 10 |
| Live risk assessment with the Morpheus System | Included | Included | Priority queue |
| The 5-Step Master Report | 2× a year | Quarterly | Quarterly |
| Regulatory certificate monitoring | Included | Up to 10 certificates | Unlimited |
| Training in four formats, multilingual | 1 program | 3 programs | All 6 programs |
| Procedures + 3 department handbooks | Included | Included | Included |
| Annual Compliance Review | Included | In-depth | Comprehensive |
| Enterprise controls (multi-entity rollup, custom weighting) | Not included | Not included | Included |
| Free Compliance Passport for every supplier you bring in | 1-program | 3-program | 6-program |
| Payment terms | 6-month engagement, 2 payments of $6,300 | 1 year, paid in full or $1,511/mo | 1 year, paid in full or $2,240/mo |
Regulatory certificate monitoring —
the part no one else does.
Tens of thousands of expiry dates. Owned by no one.
Every regulatory certificate across your chain — country-of-origin proofs, scope letters, issuing-body records — carries a renewal date. Spread across Procurement, QA, Operations, HR and Legal, that’s tens of thousands of dates no single person tracks. The lapse you find out about at the border, or from a customer who found it first — after it has already cost you.
Every cert tracked, flagged, and owned — before it lapses.
Morpheus monitors every regulatory certificate by country of origin, issuing body, scope and renewal date— and flags each one valid, expiring, or expired before it lapses on you. Every certificate is mapped to the department that owns it, so nothing falls between Procurement, QA, Operations, HR and Legal again.
- Valid · Expiring · Expired — flagged ahead of the deadline
- Mapped by country of origin & issuing authority
- Routed to the owning department, not a shared inbox
- Audit-ready proof of country-of-origin & chain-of-custody compliance
STRATEGIC monitors up to 10 regulatory certificates · AUTHORITY monitors an unlimitednumber — and every supplier you bring in gets certificate monitoring on their free Compliance Passport.
Built for your size.
Find your revenue band — your package is the one built for the seat you actually sit in.
- Not eligible for trade certs, but still must prove compliance
- Held to Bill S-211, GFSI / Nestlé, or internal due diligence
- Gives you the assessment, the proof, and the program to keep the contract
- Staffing agencies, IT vendors, service providers & smaller importers
Common business types
Staffing & personnel agencies · Security & janitorial services · IT, SaaS & cloud vendors · Smaller 3PL & logistics providers · Other service providers
Why here: C-TPAT and Bill S-211 both start at ESSENTIALS — the standard your clients hold you to even when you can’t carry a trade certification yourself. Staffing agencies in particular carry real forced-labour (S-211) exposure.
- Where most companies land — and the hardest seat in the chain
- Juggling protocols across every program and industry you serve
- Cross-references all of it so certifying once satisfies the rest
- Shows you the exposure before it costs you a customer
Common business types
Manufacturers · Raw-materials suppliers · Importers & exporters · Distributors & wholesalers · Carriers (domestic & international) · Freight forwarders & drayage · 3PL & logistics providers · Warehousing & distribution · Packaging suppliers
Why here: PIP, AEO and ESG all unlock at STRATEGIC — the programs that hold you responsible for every partner that touches your freight or crosses a border.
- For the enterprise that answers for everything — all six programs
- Rolls every subsidiary into one view, weighted to your own risk model
- Runs in a priority Morpheus queue across thousands of suppliers
- Produces the defensible record a regulator or top customer accepts
Common business types
Food manufacturers, processors & brand owners — especially Nestlé / GFSI suppliers · Customs brokers & foreign importers of record · Multi-entity manufacturers & importers · Enterprise carriers & distributors
Why here: GFSI / Nestlé food safety and the full mutual-recognition engine are AUTHORITY-only — and the 2026 Strengthening Customs Enforcement order now makes C-TPAT validation effectively mandatory for customs brokers and foreign importers clearing US freight. This is also where Bill S-211’s board-signed, director-liability filers land (≥$40M revenue, ≥$20M assets, or ≥250 employees).
Your first 8 suppliers are completely free for 15 days. No credit card, no sales call, no contract required.
If we don’t surface a gap worth more than the ten minutes it takes to start, you’ve lost nothing.
Your suppliers, by risk
Cross-border carriers, food mfg, customs brokers, 3PL, high-risk countries. Full 5-Step + cargo mapping.
The default tier. Standard assessment, verification and monitoring.
Domestic, low-spend, commodity and professional services. Baseline + annual review.
To keep up, by hand, you would need
full-time compliance specialists, every year — just to assess and monitor this chain by hand.
One flat rate. Every supplier in your chain. No per-supplier fee, no headcount to hire.
Tokenized supply chains are coming fast. When every supplier, shipment, and document is on-chain and verifiable in real time, doing this by hand is not slow, it is impossible. XFACTOR is how you are ready.

Free guide
Not ready to talk yet? Start here, free.
The guide we built from every assessment: How to Evaluate Supplier Risk. The 5-step method, yours in one email.
Your suppliers come in free. The rest is their call.
Every supplier you bring in starts free on a Compliance Passport — included in your plan, at no cost to you or to them: their own risk report, findings, certificate monitoring and gap-targeted training. If a supplier wants to stay audit-ready year-round or win business on compliance, theycan upgrade to VIGILANT or GUARDIAN themselves — billed directly to the supplier, never to you. Those plans are sold to suppliers, on their own terms.
See what your suppliers getThey charge per supplier. We charge per chain.
This is not another bill. It is the trap every competitor sets, and the one XFACTOR removes. Same 3,000 suppliers, two very different invoices.
The more suppliers you carry, the wider that gap opens in your favour.
The questions every leader asks first.
What does XFACTOR VERIFIED actually do?
It carries your supply-chain compliance work. XFACTOR VERIFIED runs supplier due diligence and a continuous CBP 5-Step risk assessment across the programs you answer for, then turns it into audit-ready proof — so you prove your due diligence at 100%, even though no supply chain ever is.
Which compliance programs does it cover?
Six: C-TPAT, PIP, AEO, Bill S-211 forced-labour reporting, ESG, and food safety (GFSI). You build in the ones you answer for — one at a time, or all at once, at your own pace.
Is pricing charged per supplier?
No. XFACTOR charges a flat rate per chain, not per supplier — so the more suppliers you carry, the more you save. Competitors bill roughly $50 per supplier; on 3,000 suppliers that is $150,000 a year. The AUTHORITY tier is one flat rate for up to 8,000 suppliers.
Do I have to certify, or can I just stay compliant?
Either. Some companies are required to certify (C-TPAT, PIP, AEO); others only need to prove compliance (Bill S-211, ESG, food safety). XFACTOR VERIFIED covers both paths in one place, at your pace.
Who is XFACTOR VERIFIED for?
Canadian and US companies of any size — mid-market, small business, and enterprise — plus the suppliers their clients require to comply. It is built by a founder with 30 years on both sides of the audit table.
What is the Founder Rate?
The first 25 Founding Members lock 50% off for life, for as long as they stay. It is not a discount — it is a place in the group that shapes the product. Founder Rate closes August 7 at 11:59pm PT.
They built their proof with us.
Delon LaboratoriesMitchel LincolnShellcastLepage MillworkFreshstone BrandsBody BlueAndy TransportBerger Peat MossErb Transport
No gotchas. What you see is what you pay.
No per-supplier fees. No surprise add-ons. No subject-to-change fine print. Everything your plan includes is listed up front, and your Founder Rate holds for as long as you stay.
Lock the Founder RateSupply chains have already changed.
- Are you ready for tokenization?
- Are you ready to manage systems — not people?
- Are you ready to sustain your profitability?
The companies that move first won’t be the biggest — they’ll be the ones who can predict, pivot and pilot from real data. Don’t get left behind in the new world of supply chains.
