Get ready for mandatory human rights due diligence

The global human rights agenda is gaining momentum with a number of jurisdictions, including the United States, Germany, Switzerland, and the EU currently working (or committed) to introduce mandatory human rights due diligence laws. The trend is clear: human rights oversight is shifting from soft law to hard law. Governments are becoming increasingly serious about addressing human rights abuses, as well as broader ESG concerns, in corporate supply chains.

Governments are becoming increasingly serious about addressing human rights abuses, as well as broader ESG concerns, in corporate supply chains. Simply put, human rights in the company supply chain is likely a legal issue now.

Sooner or later, organizations would reflect this in their legal/compliance departments’ scope and structure. 

To date, human rights have generally been treated by companies as corporate social responsibility, with at least two factors driving this. First, the existing modern slavery regulations focus mostly on reporting and disclosure (see the California Transparency in Supply Chains Act and the UK’s Modern Slavery Act). Second, enforcement has been limited. Today, however, regulators are taking a further step by seeking to mandate audits and compliance programs that can monitor supply chains on an ongoing basis.

If passed, the new laws would require companies to assess, mitigate, prevent, and address human rights risks through all tiers of the value chain. In practice, this would look similar to the anti-corruption “adequate procedures” approach. For example, the German Supply Chain draft law provides that the measures to prevent potentially adverse effects on human rights are expected to be reasonable and proportionate given the company context, risk probability, and potential impact.

Indeed, the nexus between corruption and human rights is likely evident. In many areas where corruption is endemic, it correlates with negative human rights impacts, including inadequate protection of social rights and a lack of equality. Taking this thought further, corruption in the public sector itself can be reframed as a violation of human rights. 

Both anti-corruption and human rights protection regulations have their origins in ethics. That’s why these areas of compliance resonate with employees’ morals and values. As the recent OECD publication “Connecting the anti-corruption and human rights agendas: A guide for business and employers’ organizations” rightly points out, a human rights lens allows companies to see corruption as a wider societal problem, not just a company-employee issue. This perspective makes the anti-corruption message more compelling and helps to gain more active employee and leadership buy-in.

Following this thinking, some companies have already taken steps to merge their compliance/anti-corruption and human rights programs to create a holistic view of related risks. In an interview with the Wall Street Journal, Barrick Gold’s chief compliance officer said, “from efficiency and risk-mitigation standpoint it made sense.”

The expectations of regulators from your human rights due diligence efforts are likely to be similar to those from your anti-corruption program: proactively manage your third-party relationships and take necessary steps to prevent, assess and address the identified risks across the supply chain. If we look at the U.S. DOJ’s Evaluation of Corporate Compliance Programs, the following action points would apply to modern slavery and human rights-related risks:

• making sure that the third-party management process corresponds to the nature and level of the identified risk
• engaging in the first line/second line risk management of third parties throughout the lifespan of the relationship, through both, onboarding process and ongoing monitoring through updated due diligence, training, audits, and/or annual compliance certifications
• integrating this process into the relevant procurement and vendor management
• communicating company policies and procedures to relevant third parties, publicizing existing reporting mechanisms
• incentivizing compliance and ethical behavior by third parties, providing appropriate training about compliance risks and how to manage them
• tracking and addressing red flags that are identified from due diligence, including termination/remediation, and
• making sure to have audit rights and exercising those rights when appropriate.

That said, identifying modern slavery and human rights-related risks would require specific knowledge and expertise. Even though there are many overlaps and correlations between corruption and human rights abuses, you will be looking for very different risk indicators while performing third-party screening (for example, workers’ and work-seekers’ addresses for high occupancy of particular houses or bank accounts which identify unrelated workers being paid into one account) and on-site visits (workers appearing frightened, acting as if they are instructed by another person, rejecting help and support when offered, showing signs of injury or neglect, etc.). 

Secondly, human rights efforts mainly focus on risks to rights-holders and take a victim-centered perspective. That’s why access to an effective remedy is key. Many victims won’t or can’t go to the police; therefore, you need to be prepared to fully cooperate and provide for remediation, including rescuing victims to a place of safety. 

To sum up, there are many lessons from anti-corruption that can apply to a modern slavery and human rights program, at least on a conceptual/framework level. However, content-wise, you’ll need to ensure the expertise is in place to identify and remediate the related risks and address the specifics. Implementing the program should be a collaborative and inclusive process that involves representation from a number of departments, including compliance, legal, human resources, internal audit, security, risk management, procurement, and IT. Stakeholders need to partner to make sure that risk is managed effectively down the entire supply chain.