Re: Differences between IATF16949:2016 vs TS16949:2009
It really depends on your organization. Refer to Section 8.4.1.2 and 8.4.2.3 in IATF16949.
If your supplier is not ISO9001 registered, you should have at least conducted a compliance audit on that supplier.
As long as you have audited them and they have a plan to achieve certification, you should be ok. If the attitude is that they will never go for certification, you should have documented that they are compliant via a 2nd party audit.