The Swiss coalition Corporate Jusice has managed to put regulation of business responsibility on the agenda of policy makers in their country. On Friday, they organised a public debate in Bern with MPs from the right and left, before an audience of over 150 people from industry and civil society. I was asked to speak about the findings of the expert group commissioned by ICAR, ECCJ and CNCA to examine human rights due diligence and the role of states (the report and data base can be found here). Below is the text of my speech. You can also download it here.
“Thanks to Recht ohne Grensen / Droit sans frontier for the invitation to speak here today. I understand that it is an important time in the policy debates on business responsibility here in Switzerland and I am grateful for the opportunity to contribute, to the extent that I can.
I will today be talking about what role the State can – and should – play in ensuring business respects human rights. My comments will be based on research conducted in 2012, but first a word about the international framework that has emerged since 2011.
In June 2011, the UN Human Rights Council unanimously endorsed the Guiding Principles on Business and Human Rights. The Guiding Principles are intended to guide implementation of the “Protect, Respect and Remedy” Framework developed by SRSG Professor John Ruggie during his mandate from 2005 to 2011. Since then, the approach outlined in the Guiding Principles has been integrated to the OECD Guidelines on Multinational Enterprises, the revised EU Strategy on CSR, the International Finance Corporation’s Performance Standards, which in turn are used by Export Credit Agencies in many OECD Countries. The same approach can be found in the OECD Guidance on Responsible Supply Chain Management of Conflict Minerals and in national legislation in the United States and the Democratic Republic of the Congo.
So, two years on, it appears that the Guiding Principles are being rapidly globalized through multilateral policy coordination and through national legislation. As I will describe below, one of the reasons for this is that the Guiding Principles fit well with domestic forms of regulation of business entities: the guiding Principles affirm that business enterprises have a responsibility to respect human rights, and that States have a duty to ensure that they do so. In other words, they re-affirm the hierarchy in law, in which the state is the legitimate source of authority and a company operates within that authority. The re-affirm the state’s role in protecting people and the environment and in regulating business to those ends. These are not new ideas, and they were not somehow invented by the Guiding Principles. But they are worth repeating, not least because the power and nature of multinational corporations tends to blind us to the fact that multinational corporations are, in very many ways, national animals.
What is new about the Guiding Principles – and perhaps its most important contribution to the debates on corporate responsibility – is that they elaborate a definition of what is means for a company to respect human rights. The definition is simple – it is based on the principle that one should “do no harm” – and it says simply that to meet its responsibility to respect human rights, a business should act with due diligence to ensure that it does not infringe on the rights of others. In other words, that a business is responsible for its impacts, which arise from is activities and relationships, and that it should take steps – due diligence – to ensure its activities and relationships do not have adverse impacts on people’s rights. The Guiding Principles make clear that this responsibility extends throughout a business’s operations and relationships globally; and that it is an independent responsibility of business, that is, a responsibility that exists independent of what states do or do not do.
Independent, but not isolated. Independent of the state’s duty to protect human rights, but not isolated from it. In fact, the Guiding Principles describe the duty of States to protect against abuses by businesses as including “appropriate steps to prevent, investigate, punish and redress” human rights abuse “through effective policies, legislation, regulations and adjudication.”
The Guiding Principles use the practice of due diligence as the operational means for business enterprises to respect human rights. But the specific options available to States to ensure the implementation of business due diligence are not specified. So the question arises, What can the state do to ensure that businesses respect human rights? What forms of regulation might best encourage or require business to conduct due diligence?
To answer that question, a group of three civil society coalitions – the International Corporate Accountability Roundtable (ICAR), the European Coalition for Corporate Justice (ECCJ) and the Canadian Network on Corporate Accountability (CNCA) – commissioned four experts (Professor Olivier de Schutter, Professor Anita Ramasastry, Robert Thompson, and me, Mark Taylor) to advise them in what become known the Human Rights Due Diligence Project.
The project sought to establish the extent to which the legal systems of States already make use of due diligence regulations to ensure that businesses respect established standards; and it had as its second objective to describe a range of regulatory options policymakers might use to take the next steps in ensuring businesses respect human rights.
The report is the culmination of Consultations throughout 2012 with lawyers and scholars from around the world – and all regions – on the question of how States already use due diligence regulations to ensure that the behavior of business enterprises meets social expectations. Based on a structured set of questions concerning how States ensure due diligence by business, we sought input from experts familiar with a variety of areas of substantive law in the legal systems of countries from every region, including the largest economies, as well as both civil law and common law jurisdictions. The objective of seeking multi-jurisdictional examples was to take into account differences among legal systems and cultures, and varying levels of economic development. The idea was both to see where commonalities lay, but also to show legal diversity, to allow contributors to point out distinguishing characteristics of particular regulatory systems in their areas of expertise. The Project ultimately obtained more than 100 examples of due diligence regimes in more than 20 States, drawn from a wide variety of regulatory sectors. The Authors were also able to draw on our own expertise in business and commercial law, human rights law, national and international criminal law, and environmental law. The report and those examples are available online at www.accountabilityroundtable.org
The principal finding of the project can be summarized in four short points: First, that due diligence is commonly used by the legal systems of states around the world; second, that is found across legal traditions – from the US to China, from Australia to Nigeria, from Argentina to the EU and its member states, from common law countries to civil law countries; third, that in those legal systems due diligence is commonly used to assess business compliance with standards set in law; Fourth, we also found that those national due diligence procedures are consistent with the due diligence process described in the Guiding Principles and concluded that, on the basis of this coherence, it is possible to describe an emerging standard of due diligence procedure that is familiar in many jurisdictions and internationally.
I will not go into detail about due diligence procedure, but it is possible to summarize due diligence as a responsibility of a business consisting of three basic elements:
A responsibility to identify actual or potential impacts of its activities and relationships on human rights (this is a form of self-investigation by a business entity which involves identifying “human rights risks”, i.e. the risk that a business will infringe on the rights of others)
A responsibility to Prevent and Mitigate the impacts of its activities on the rights of others, basically taking action to avoid or mediate detected risks or actual harms
A responsibility to account for its impacts and efforts to respond to them, not least with respect to key stakeholders, i.e. those most affected by the business activities (in essence a spectrum of reporting or disclosure requirements)
These basic elements were consistent with what we found in domestic jurisdictions, as well as in other emerging standards being implemented at the international level: identify the risks to human rights (know what you are doing), do something about those risks, and be transparent about both the risks and what you are doing to address them.
In every country, there are a range of existing laws that protect human rights from business-related violations – everything from labour, consumer, environmental protection, or land tenancy laws do serve to protect human rights, even though they might be called something other than “human rights” in national law and policy. As I will describe in a minute, many of these also deploy forms of business due diligence to do so. However, while we found extensive evidence of State practice with respect to regulating due diligence, we also found little in the form of explicit reference to human rights per se in the variety of due diligence regimes which exist in the legal systems of the states we looked at. We were also reminded repeatedly by the experts and lawyers we consulted that in many cases these laws are poorly enforced.
In light of the evidence, we concluded that- first – the obstacle to regulating human rights due diligence by business must be considered rather low; that is, that the evidence of a high level of state practice of due diligence regulation reduced the threshold to regulating due diligence at the state level; and that – second – states could make far greater use of legal tools to ensure business respects human rights in general, and that companies implement due diligence for human rights in particular. Third, we suggest that while there is coherence in due diligence procedure, there is unlikely to be a single form of due diligence regulation that will be appropriate for every jurisdiction. Due diligence practice does look familiar wherever you go, and it will continue to do so when applied to human rights. But the regulations – the appropriate and effective “smart mix” of law and policy – that implement them in national law will be different.
In short, we argue that it is time the protection of human rights be given the same degree of attention which the law has given to other areas in which business causes harm or contributes undermining public goods. We argue that due diligence is the way to do so but that how States do so will be a function of the particular legal tradition in each jurisdiction, the way due diligence is commonly used in those legal systems, the nature of the business activity to be regulated, and the particular human rights contexts involved.
In every case, the role of due diligence regulation remains the same: to simultaneously 1. clarify in law the social expectations of business behaviour and 2. make it easier for regulators and the courts (as well as markets and consumers) to assess compliance.
Four Approaches to Regulating Due Diligence
The examples we looked at indicate at least four main regulatory approaches through which States can ensure human rights due diligence activities by business. Usually these approaches co-exist within the same jurisdictions and legal systems.
The first approach imposes a due diligence requirement as a matter of regulatory compliance. States implement rules that require business enterprises to conduct due diligence, either as a direct legal obligation formulated in a rule, or indirectly by offering companies the opportunity to use due diligence as a defense against charges of criminal, civil or administrative violations. For example, the courts use business due diligence to assess business compliance with environmental laws (US, CEPA), labor (China overseas workers), consumer protection (Germany) and anti-corruption laws (US FCAP / UK BA). Similarly, regulatory agencies regularly require business due diligence as the basis upon which to grant approvals and licenses for business activities (EIA in India and Ghana; Germany/construction). Anti-money laundering laws are increasingly global (e.g. OECD, China) their KYC or CDD provisions are forms of due diligence.
The second regulatory approach provides incentives and benefits to companies in return for their being able to demonstrate due diligence practice. For example, (Japan / Korea / Taiwan Green Procurement / US Federal Procurement re child labour; US Davis-Bacon re social dumping / wages in construction and fed contracts; Norway Pension Fund Global ethical screening) in order for business enterprises to qualify for export credit, labeling schemes or other forms of State support, States often require due diligence on environmental and social risks (the Dutch “Trade and Industry Tool” for ODA requires a company to submit a risk assessment of impacts; US Trade preferences Hope Act in Haiti)
A third approach is for States to encourage due diligence through transparency and disclosure mechanisms. States implement rules that require business enterprises to disclose due diligence with the intention that markets and society will attempt to constrain any identified harms. For example, (Aarhus Convention in EU re environmental info to stakeholders), securities laws in most countries, consumer protection laws (France, Argentina, Germany, EU) and reporting requirements for corporate social responsibility (Denmark, Norway, Spain, Malaysia) operate on the logic that information serves the interests and will prompt action by investors, regulators, and people who might be adversely affected by a business activity. (US California web site disclosure re DD for human trafficking, for co. over 100 mill).
A fourth category involves a combination of one or more of these approaches. States regularly combine aspects of these approaches in order to construct an incentive structure that promotes respect by business for the standards set down in the rules and ensures that compliance can be assessed in an efficient and effective manner. For example, administrative rules governing environmental protection, labor rights, consumer protection or anti-corruption may require business due diligence as the bases for a license or approval, and may also require regular reporting disclosure of due diligence activities by business. Enforcement of such rules can combine a combination of administrative penalty (fines), criminal law sanctions and the possibility of civil action, in which due diligence can be a defense.
In general, what these approaches show is that it is entirely possible for States to use their roles as regulators, purchasers, financiers, investors, and owners, to ensure the incentives for business are based on ensuring a business respect’s human rights, including through the use of due diligence.
The Reach of HR DD
I would like to say a word about what we found with respect to jurisdiction the reach of due diligence and its significance for jurisdiction:
As you all know, contemporary business activity is integrated across national and organizational boundaries. Companies operate through networks of suppliers, sub-contractors, franchisees, and distributors, often located in different States. The corporate group usually includes a number of separate legal entities, over which the parent company, which owns part or all of the stock, exercises variable degrees of control. These various entities may be incorporated or operate in different jurisdictions. As a result, most products and services available today may be said to be the result of collaboration between a number of business entities, entertaining contractual or investment links, and often escaping the jurisdiction of any single State.
The problem is that respect for legal standards, such as environmental protection, or labor rights, may be undermined by the creative use of business relationships, the various forms of business entities and the organization or structure of corporate groups.
Our analysis suggests due diligence is used by these different legal regimes to overcome the obstacles to effective regulation posed by complex corporate structures or trans-jurisdictional activities. Over time, the legal regimes governing due diligence activities have adapted their reach to the activities and relationships created by this integration of business enterprises.
In national legal systems, the responsibility of business enterprises to conduct due diligence does not end at the legal boundary of the individual company. Due diligence extends throughout the corporate group and in some cases to all business relationships globally. This is true in the national and international laws governing of anti-corruption (UK), workplace safety (China), conflict minerals (US), anti-discrimination against people with disabilities (US) and with respect to civil actions (and the EU Brussels I Regulation e.g. NL/Shell Nigeria both of which deploy due diligence in this regard).
The intent of such provisions is to prevent business enterprises from escaping responsibility by outsourcing risky activities to others through their business relationships. These laws approach responsibility in a way that recognizes the formal limits of the legal entity but does not allow the choice of organizational forms to create obstacles to addressing the potential harms or violations arising from the business activities of that entity. The purpose of the due diligence concept is to require a business to identify, prevent or mitigate, and account for, a harm or violation. By doing so across a firm’s business relationships globally, the scope of due diligence is designed to overcome other legal boundaries, such as the reality of separate legal entities, or separate jurisdictions. Its scope is, therefore, often determined first and foremost by the nature of the harm to be avoided.
With that I would like to conclude by adding that our report made a series of recommendations about practical steps legislators could take to both encourage and require due diligence by businesses. These ranged from the use of due diligence in licensing, procurement and export credit activities, in transparency and reporting requirements and all the way over to the place of due diligence as a defense for companies facing civil or criminal actions.
We heard earlier today that the problem with ensuring that business acts responsibly is that “everything is voluntary”. Based on my participation in the Expert Group I am convinced that era is coming to a close. It is now time for lawmakers to give at least as much regulatory attention to protecting human rights from abuse by businesses as they do the protecting against other public goods threatened by business activity. The question for policy makers is no longer whether to regulate, but how to regulate – both fairly and effectively – to protect human rights.
Thank you for your attention.”
Comments to “Menschenrechtsverletzungen verhinderen. Welche rolle spielen präventive massnahmen?” Recht ohne grenzen, Berne, 14 June 2013
Mark B. Taylor, Senior Researcher, Fafo Institute for Applied International Studies.
Image: Jared Rodriguez / Truth Out